sattaking-sattaking.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sattakingu.in/
Effective URL:
https://sattaking-sattaking.com/
Submission: On September 22 via api (September 22nd 2022, 12:42:26 pm UTC) from SG — Scanned from DE

Summary HTTP 120 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 25 IPs in 7 countries across 23 domains to perform 120 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is sattaking-sattaking.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 10th 2022. Valid for: a year.

This is the only time sattaking-sattaking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700:303... 2606:4700:3031::6815:4194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	142.251.39.34 142.251.39.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400e:80e::200a	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:80c::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::5f	15169 (GOOGLE) (GOOGLE)
2 3	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
1 1	3.123.239.111 3.123.239.111	16509 (AMAZON-02) (AMAZON-02)
13	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
5 5	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4009:815::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.102.154 142.250.102.154	15169 (GOOGLE) (GOOGLE)
2 2	104.96.159.57 104.96.159.57	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400e:8::7	15169 (GOOGLE) (GOOGLE)
120	25

2 2606:4700:3031::6815:4194 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

sattakingu.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

sattaking-sattaking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.39.34 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400e:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::5f (Brussels, Belgium)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.239.111 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-239-111.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.19.126 (None, ) 5 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4009:815::2003 (London, United Kingdom)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.102.154 (United States)

ASN15169 (GOOGLE, US)
PTR: rb-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.96.159.57 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-159-57.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:8::7 (Ireland)

ASN15169 (GOOGLE, US)

r2---sn-5hneknee.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	451 KB
24	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 bid.g.doubleclick.net — Cisco Umbrella Rank: 428	151 KB
14	sattaking-sattaking.com sattaking-sattaking.com	183 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	156 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40 imasdk.googleapis.com — Cisco Umbrella Rank: 424	131 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	1 KB
5	casalemedia.com 5 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438	5 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 955 r2---sn-5hneknee.c.2mdn.net — Cisco Umbrella Rank: 382724	1 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 335	1 KB
3	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 648	248 B
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 1505	548 B
3	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 1020	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	131 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1728	1 KB
2	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 561	107 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 9081	914 B
2	sattakingu.in 2 redirects sattakingu.in	1 KB
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 947	356 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 638	758 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 857	648 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2989	352 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	73 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
120	23

	Domain	Requested by
22	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
17	pagead2.googlesyndication.com	sattaking-sattaking.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
14	sattaking-sattaking.com	sattaking-sattaking.com
13	cm.g.doubleclick.net	sattaking-sattaking.com googleads.g.doubleclick.net
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	ssum-sec.casalemedia.com	5 redirects
5	fonts.gstatic.com	fonts.googleapis.com
4	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	pixel.rubiconproject.com	3 redirects
3	image6.pubmatic.com	googleads.g.doubleclick.net
3	rtb.openx.net	googleads.g.doubleclick.net
3	cms.quantserve.com	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	r2---sn-5hneknee.c.2mdn.net	sattaking-sattaking.com
2	e.dlx.addthis.com	2 redirects
2	csi.gstatic.com	imasdk.googleapis.com
2	id.rlcdn.com	googleads.g.doubleclick.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	sattakingu.in	2 redirects
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	odr.mookie1.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	sattaking-sattaking.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
120	31

This site contains links to these domains. Also see Links.

Domain
sattakingt.in
sattakingp.in

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-10` - `2023-09-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-09-13` - `2022-11-22`	2 months	crt.sh

This page contains 17 frames:

Primary Page: https://sattaking-sattaking.com/
Frame ID: E0BA871EC90525A3F55FEFA360CF9F4A
Requests: 20 HTTP requests in this frame

Frame: https://sattaking-sattaking.com/home/chatframe
Frame ID: B0EF9B5DFC0570EAF739B62DE4A70BCB
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20190131/zrt_lookup.html
Frame ID: 630F1C2BFCD2E7EA42B3DFA52774EECD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&adk=1812271804&adf=3025194257&lmt=1663850540&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsattaking-sattaking.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850540688&bpp=10&bdt=1055&idt=247&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7696811845469&frm=20&pv=2&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=263
Frame ID: 01438864175C2BDDE598B7F954091470
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=2607616022&adf=2269933799&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1663850540&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1200x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850540698&bpp=2&bdt=1065&idt=258&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5ySjgNXxak&p=https%3A//sattaking-sattaking.com&dtd=261
Frame ID: 27B814424D468FB861E34C774243AD95
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=2997935314&adf=1489598389&pi=t.aa~a.4235965234~rp.3&w=1140&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1140x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1631&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280&nras=3&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1983&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=rv0KM1Kcz0&p=https%3A//sattaking-sattaking.com&dtd=6
Frame ID: 899180B34251A89C51993E3DAE7826F1
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=1548396814&pi=t.aa~a.605839435~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1630&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vKX5lAM9VM&p=https%3A//sattaking-sattaking.com&dtd=9
Frame ID: FFF144CCD41B0698EFAE972C09AA5CC1
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=4150966103&pi=t.aa~a.605826571~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1631&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280%2C1110x280&nras=5&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=C2BcIKPGcS&p=https%3A//sattaking-sattaking.com&dtd=12
Frame ID: C48DBCEDF470BE5904F684BE904A4699
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Frame ID: F4916066E0E3E76B93EF856276A7AAFB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8C874FF8517F89A6DDEC29044FF00258
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C68E7064BF189805A14FE749CE503099
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Frame ID: 56C392216D131F178F69408ECD5B91FC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Frame ID: F99D3070BD7397B6FD75CB5065B9A46A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C32BAE3B60F80E307944E68C8D9B75FB
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 78B1E62BF7E6D3F14A03E3E81089518F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 40E77D746177B33F4FDE129A65DC1A2D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2409235980E57FF66E7D68C2157C2128
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page URL History Show full URLs

http://sattakingu.in/ HTTP 301
https://sattakingu.in/ HTTP 301
https://sattaking-sattaking.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

120
Requests

90 %
HTTPS

63 %
IPv6

23
Domains

31
Subdomains

25
IPs

7
Countries

1282 kB
Transfer

3354 kB
Size

21
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://sattakingt.in/
Title: satta king

Search URL Search Domain Scan URL

URL: https://sattakingp.in/
Title: satta king

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sattakingu.in/ HTTP 301
https://sattakingu.in/ HTTP 301
https://sattaking-sattaking.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://d.agkn.com/pixel/2175/?google_gid=CAESEIgqRdhjraMW8gbMR7wXLxo&google_cver=1&google_push=AZmPxg-bUgbXXtjw_u0KbC9N8oSGl-Yhi1L4dvJsGLBnTbp6aD-KvqIItk2i8CGofTd7t5xGvXlXHn6WNKjHVbXOTJT39-LyXt0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-bUgbXXtjw_u0KbC9N8oSGl-Yhi1L4dvJsGLBnTbp6aD-KvqIItk2i8CGofTd7t5xGvXlXHn6WNKjHVbXOTJT39-LyXt0&google_hm=Q0FFU0VJZ3FSZGhqcmFNVzhnYk1SN3dYTHhv

Request Chain 82

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFc1weB5s8hW-Ca8NOXWHTA&google_cver=1&google_push=AZmPxg8ED6sHqmQS9wF8e73ePbKXD3xcvxo-QNoU-Qd3pVbCeIkhScSnFa1fMX5I8GYx9cAkbDY_P32sgJNz3xAb5lGOA2u7RQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMU5JUjMtTC00NkpM&google_push=AZmPxg8ED6sHqmQS9wF8e73ePbKXD3xcvxo-QNoU-Qd3pVbCeIkhScSnFa1fMX5I8GYx9cAkbDY_P32sgJNz3xAb5lGOA2u7RQ

Request Chain 83

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECXBN1IzV3sZLU_ZdbfeqBg&google_cver=1&google_push=AZmPxg8DFwUxxgEDh-XqXUUDith4vHilr5-qm-2MGdF-Ua1ShB_v5jUuR4N6kF3wGf8llNaRZ5LUF9mZBu1uH9u8HQjd4eHlcYA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECXBN1IzV3sZLU_ZdbfeqBg&google_push=AZmPxg8DFwUxxgEDh-XqXUUDith4vHilr5-qm-2MGdF-Ua1ShB_v5jUuR4N6kF3wGf8llNaRZ5LUF9mZBu1uH9u8HQjd4eHlcYA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECXBN1IzV3sZLU_ZdbfeqBg&google_hm=YyxYLYT68EvWgMvTh_8JMAAAFBMAAAAB&google_nid=index&google_push=AZmPxg8DFwUxxgEDh-XqXUUDith4vHilr5-qm-2MGdF-Ua1ShB_v5jUuR4N6kF3wGf8llNaRZ5LUF9mZBu1uH9u8HQjd4eHlcYA

Request Chain 87

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGSbr4a19BhIaNIGo72hJfU&google_cver=1&google_push=AZmPxg8UvaeQseGWE1PgfDfme_GQljjurqXYRx0N2NHhP9cXs1KM9rAWPffU61rXSSucv4ynnkVhUy4pAhWYkwjnlnKcDPRaGwImNQ HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8UvaeQseGWE1PgfDfme_GQljjurqXYRx0N2NHhP9cXs1KM9rAWPffU61rXSSucv4ynnkVhUy4pAhWYkwjnlnKcDPRaGwImNQ&google_hm=IGR0cbjLzQUSUpp2K_ULCA

Request Chain 91

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKORsdgtmIz2dZFhzGzhxD4&google_cver=1&google_push=AZmPxg_gkDinm78T3M8bew-0AUNGozrKwCje_MckoyAmVd70Jyd75HF_0TidMv-Sn91aKrEq99kjuFMs3GHDCSDJUh6JKkmxMBow HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMU5JUjgtMjYtOVpORg==&google_push=AZmPxg_gkDinm78T3M8bew-0AUNGozrKwCje_MckoyAmVd70Jyd75HF_0TidMv-Sn91aKrEq99kjuFMs3GHDCSDJUh6JKkmxMBow

Request Chain 92

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELiOw0RNrADqYGAepoDWz0k&google_cver=1&google_push=AZmPxg8hEx0zC1yW58jm4gpivvtsk2UCAeOERiuFylQpvMHikYCkQ4UQomSFmYygPJsIoprBe8_dBbW4LzyCsJW1UaX-OT94YNRLJQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELiOw0RNrADqYGAepoDWz0k&google_push=AZmPxg8hEx0zC1yW58jm4gpivvtsk2UCAeOERiuFylQpvMHikYCkQ4UQomSFmYygPJsIoprBe8_dBbW4LzyCsJW1UaX-OT94YNRLJQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELiOw0RNrADqYGAepoDWz0k&google_hm=YyxYLYT68EvWgMvTh_8JMAAAFBMAAAAB&google_nid=index&google_push=AZmPxg8hEx0zC1yW58jm4gpivvtsk2UCAeOERiuFylQpvMHikYCkQ4UQomSFmYygPJsIoprBe8_dBbW4LzyCsJW1UaX-OT94YNRLJQ

Request Chain 105

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJYKc8nrbkgxVOjW_H1X0Ps&google_cver=1&google_push=AZmPxg-99p6fidu9H1cqi3wUUa2b6rjpdDkP92zAkKj3u5kHo87v0nOqwH1mBAOhe1TY0kuUZbKA71jt-bsXW1DHboJhfVa-SY0 HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-99p6fidu9H1cqi3wUUa2b6rjpdDkP92zAkKj3u5kHo87v0nOqwH1mBAOhe1TY0kuUZbKA71jt-bsXW1DHboJhfVa-SY0&google_hm=IGR0cbjLzQUSUpp2K_ULCA

Request Chain 107

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8p4Hy0TtGv1-l3g1AsHqcfIZCFRFisaTiL3yMMK_w3t3a4UIu4F4Jt1XinB3-dIDLCw3zuxBuN03saKTRxadPK8iSaaq0&google_gid=CAESENQJiv5urmVC0pqzmnSYaaE&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8p4Hy0TtGv1-l3g1AsHqcfIZCFRFisaTiL3yMMK_w3t3a4UIu4F4Jt1XinB3-dIDLCw3zuxBuN03saKTRxadPK8iSaaq0&google_gid=CAESENQJiv5urmVC0pqzmnSYaaE&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxMjQyMjIwMDAxMDgxMDIzOTkzNw%3D%3D&google_push=AZmPxg8p4Hy0TtGv1-l3g1AsHqcfIZCFRFisaTiL3yMMK_w3t3a4UIu4F4Jt1XinB3-dIDLCw3zuxBuN03saKTRxadPK8iSaaq0

Request Chain 110

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJX_QaZzn_4WLc31KM-ve38&google_cver=1&google_push=AZmPxg-pVnEts7NAdejtsF4U0AuaXff_wq61FXK0cG4KTF22FvGtY6l-A-wSRXgi5njkYmYbpT3sY3RjuMcLXzFM8QHwJeRO8pOI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMU5JV0QtRy0zWkcx&google_push=AZmPxg-pVnEts7NAdejtsF4U0AuaXff_wq61FXK0cG4KTF22FvGtY6l-A-wSRXgi5njkYmYbpT3sY3RjuMcLXzFM8QHwJeRO8pOI

Request Chain 111

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEC-x0gwd_mM9C6opxchPYmE&google_cver=1&google_push=AZmPxg-PBhkHCFefID_5c8fru5sEXoHLnqxlimrM5UJWX4R48UE_uRMlNmhsmv0Be5C1DwdGkhHTdYEmPU2vuLMe7i2KZJ4sQh7f HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC-x0gwd_mM9C6opxchPYmE&google_hm=YyxYLYT68EvWgMvTh_8JMAAAFBMAAAAB&google_nid=index&google_push=AZmPxg-PBhkHCFefID_5c8fru5sEXoHLnqxlimrM5UJWX4R48UE_uRMlNmhsmv0Be5C1DwdGkhHTdYEmPU2vuLMe7i2KZJ4sQh7f

Request Chain 114

https://gcdn.2mdn.net/videoplayback/id/7d65e9e88d643e4e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1695386542/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/5CF43EE6A5FD25DF2F5FDE2161073A8020953466.7F73E9B34555A7A85BB322AFFB01A207BFBA4F63/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-5hneknee.c.2mdn.net/videoplayback/id/7d65e9e88d643e4e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1695386542/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/24E8A9B3A35A1CFDA95B1DBF55EF8226FC8F2276.2C8ABBBF004041BB3ACED9C1F7CE5166A8E91714/key/cms1/cms_redirect/yes/mh/P-/mip/2a03:1b20:6:f011::9e/mm/42/mn/sn-5hneknee/ms/onc/mt/1663848910/mv/u/mvi/2/pl/48/file/file.mp4

120 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sattaking-sattaking.com/
Redirect Chain

http://sattakingu.in/
https://sattakingu.in/
https://sattaking-sattaking.com/

32 KB
9 KB

704ms
675ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sattaking-sattaking.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.30
Resource Hash: 6ab43bed44f903bbaffd278fcda9fc2f89ee6ffbad362702d9abdef13e1f232f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74eb1eaaabeb9b83-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 22 Sep 2022 12:42:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8ec96z6uaMdDKnx8I4cZyNnEO58y%2BbxKbS1qnEw4xOd86YegRx3o7TXcEMjpgQpS2Fx35ebq3EsUNF0eaNFDx33KoDquXFo14xug6app5kwv3EPKKeag1BTAv398dVR7a8oXmdKgGosJl3a2ospCGu60rHxHg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.30

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74eb1ea63fc19b7d-FRA
content-type: text/html; charset=iso-8859-1
date: Thu, 22 Sep 2022 12:42:18 GMT
location: https://sattaking-sattaking.com
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJeeycjriemzFwzgNXDsWyarHB35LpTziBU8d0Tyjjqq0E2xX5G8ZJF0HABDghrZtpd0daazRX99henhlhVMfDsntcrTbrtwRl5%2FaaGsWiBaI1rufFJ%2B1GXsJfHjd4i5WT1IL5uLQXOgNKdg"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 bootstrap.min.css
sattaking-sattaking.com/assets/vendor/bootstrap/css/ 157 KB
25 KB 825ms
823ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sattaking-sattaking.com/assets/vendor/bootstrap/css/bootstrap.min.css
Requested by: Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sattaking-sattaking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 16 Jun 2020 21:39:42 GMT
server: cloudflare
etag: W/"51e0297-27293-5a83a6190c380-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fPSVLNa1p3x%2BGMAhuYoHkZClKJN9wb%2FODojiZbd3U%2B9ZGSTvMX5ZSnHAnnaEcWYt9TG8foyP8%2F9G6FdnkFtVMjQECqdNd1mq%2F5poLgHfdmhvNjCXinK6FUD1IrCk0HI0Dh%2BABnBtGjdct8GIO%2FRt1vaAetVhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74eb1eb0b9299b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
sattaking-sattaking.com/assets/css/ 31 KB
7 KB 669ms
668ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sattaking-sattaking.com/assets/css/style.css
Requested by: Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 663c87d479e636e933b1d850955aa5328a5c54dc77bd3741ee83f26c65f8fd16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sattaking-sattaking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 21 Feb 2021 20:50:50 GMT
server: cloudflare
etag: W/"51e026f-7ca6-5bbded721be80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmlgOUY05XVVW6diVHJxAKz00V%2BkHdu3yHG5sEhlzBN%2B1VpIFL3nnz2OMLbWE52sVi2ahYIgRGxeTiaoLfuDM6hPc62SSASPuLbMhRKQqA5Yus7rTQKP7%2BpQH8OvP1zYwrIxYN%2BwK7Z2XGN3rksAuagrkfJ%2F5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74eb1eb0b92c9b83-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
73 KB 145ms
59ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G5QXZYPG27

Requested by

Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e6a1e1802d19e40b456badc38e9d8fbe5e8aae7c931d64221749ad3024e01b9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sattaking-sattaking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74530
x-xss-protection: 0
expires: Thu, 22 Sep 2022 12:42:20 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 169 KB
57 KB 147ms
62ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3030785721461473

Requested by

Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbe925bb4b63f87770d463ad2220a1be1e4553c620aa2689c3aea0308d202f8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sattaking-sattaking.com/
Origin: https://sattaking-sattaking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58233
x-xss-protection: 0
server: cafe
etag: 4606225630194535425
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 22 Sep 2022 12:42:20 GMT

GET
H3 200 new.gif
sattaking-sattaking.com/assets/img/ 2 KB
2 KB 837ms
836ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sattaking-sattaking.com/assets/img/new.gif
Requested by: Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2b5abd66d49a9630fcb1d4759b66f304c053de2bb2de41ba0fc9f131e0072f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sattaking-sattaking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:21 GMT
cf-cache-status: MISS
last-modified: Sun, 09 May 2021 01:22:38 GMT
server: cloudflare
etag: "51e028f-616-5c1db7f1a9380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Clgtl%2FTEwQLe1DK2oqsDn%2FegWNzMqdIB9LjDuge7UJfuMLB5i2hmMaLarjc7PamVCRxE8GHpfG64kxRIHJQJj%2FTdWd38doZU4mIC78qZllRpDfH1JHmJIcdRdjgGe3c5wE011rcpkKBSyCC0wOW3q6WXVLFs1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74eb1eb5e85991ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1558

GET
H3 200 whatsapp.png
sattaking-sattaking.com/assets/img/ 4 KB
5 KB 1038ms
1037ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sattaking-sattaking.com/assets/img/whatsapp.png
Requested by: Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 941d8d302349cc131d0ebf5a19ac1c9cddeb6e554dbf4db79511972b388ac521

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sattaking-sattaking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:21 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Feb 2021 00:25:16 GMT
server: cloudflare
etag: "51e0290-1162-5ba639f053300"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmMYRXQU%2B4iC%2BRnYXtHwEzSAGQQQTXL4l9h%2FvFYHYlXxlmUCS4IDGRIdGMo4NuLlapXU4XXQHl5dUq7aoz%2FN%2BycWb8VPDn7hrqokHp0rNsVac7gYTScdxNFVM7%2FkD8%2FzDRzpCfR3vCwA9otvHBOTw8FVBiZIBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74eb1eb5e85c91ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4450

GET
H3 200 5aU19_a8oxmIfLZcERySjQ.woff2
sattaking-sattaking.com/assets/fonts/ 16 KB
17 KB 864ms
864ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sattaking-sattaking.com/assets/fonts/5aU19_a8oxmIfLZcERySjQ.woff2
Requested by: Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 824a9d9843640ecfecb8a65c0634d1e434e1e1734a627ee3b61a8865a77b51d8

Request headers

Referer: https://sattaking-sattaking.com/
Origin: https://sattaking-sattaking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:21 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Feb 2021 07:38:48 GMT
server: cloudflare
etag: "51e0273-40dc-5ba69ad74d200"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJajpGAqg%2BgONDS2gmfkpd%2FFwydIhrDew4cM%2BTsTajGu2NpZrAdpVzgdcwSOVseCJ7ujQA%2F%2Bfa5eY454slYs9FpmX0xZanD5nJRjkJVbMRxAJgTKOoui%2FEag2nTeNkP89KA2kzv%2FHFgoASK61LoGQd65%2Bsy2fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74eb1eb5e86291ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16604

GET
H3 200 5aU19_a8oxmIfLZcER2SjQpf.woff2
sattaking-sattaking.com/assets/fonts/ 70 KB
70 KB 1008ms
1008ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sattaking-sattaking.com/assets/fonts/5aU19_a8oxmIfLZcER2SjQpf.woff2
Requested by: Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: facba401b86077d880fd1b0db3f635f5dc61c135fd4e7ab8dfcc9c28562b2889

Request headers

Referer: https://sattaking-sattaking.com/
Origin: https://sattaking-sattaking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:21 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Feb 2021 07:38:40 GMT
server: cloudflare
etag: "51e0271-117a0-5ba69acfac000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AV9HGyVm8kfFDyruOR5jLvFaODet0Mm%2Brljkx0cPRmxfTKqhd9MXQM6aHbGliyCa6ZMBFChHcAngofpypNlw38gIowG25T421Gf2lci3M7Vp%2F3tNwsIJmkkOYjSklMVKlFuFsjXmv9EF%2Bi%2FMbg3xZjgWEhLdTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74eb1eb608a891ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71584

GET
H3 200 chatframe Show response
sattaking-sattaking.com/home/ Frame B0EF 2 KB
2 KB 655ms
655ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sattaking-sattaking.com/home/chatframe
Requested by: Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.30
Resource Hash: 80197e169a0babe74f13fa4fc4e33a2c0895b11581b2229461607476ad44b155

Request headers

Referer: https://sattaking-sattaking.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74eb1eb628ce91ea-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 22 Sep 2022 12:42:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIPWMSKh%2FdFjIE9nk3fRqGIqxoqV5EkEAhb7k2awgAgvnEWUwFGXsxeXprvGYD6mJ1zIgoJ8ulouSeltNH4knmaS99YEvWKBtBjJW2%2Fd6NfeIRMxpSzD%2BMJE%2BzU4CXaXcH7ThyhxXEZB%2B8OkQDSlVnvnZSaMkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.30

POST
H2 204 collect
region1.google-analytics.com/g/ 0
352 B 110ms
39ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-G5QXZYPG27&gtm=2oe9j0&_p=1530795358&cid=2099045252.1663850541&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663850540&sct=1&seg=0&dl=https%3A%2F%2Fsattaking-sattaking.com%2F&dt=Satta%20King%20%7C%20Sattaking%20%7C%20%E0%A4%B8%E0%A4%9F%E0%A5%8D%E0%A4%9F%E0%A4%BE%20%E0%A4%95%E0%A4%BF%E0%A4%82%E0%A4%97%20%7C%20Satta%20King%20result%20%7C%20Gali%20satta%20result%20%7C%20Satta%20king%20live%20online%20result&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G5QXZYPG27
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sattaking-sattaking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sattaking-sattaking.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 346 KB
122 KB 148ms
69ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3030785721461473&plah=sattaking-sattaking.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3030785721461473

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af761b25db49b35d3d63d3a9ec09977f4e825a52cc5619b453d37ecfccb6bd77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sattaking-sattaking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124748
x-xss-protection: 0
server: cafe
etag: 4492619910770684629
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 22 Sep 2022 12:42:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220919/r20190131/ Frame 630F 10 KB
5 KB 122ms
38ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220919/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3030785721461473

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sattaking-sattaking.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 08:58:24 GMT
etag: 9671129459699598864
expires: Thu, 06 Oct 2022 08:58:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 227 B
648 B 178ms
62ms Script
text/javascript 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sattaking-sattaking.com&callback=_gfp_s_&client=ca-pub-3030785721461473

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3030785721461473&plah=sattaking-sattaking.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

cafe /

Resource Hash

423a41a41568dce3d3f9e1038dc20e4decbdd94f784cd23531a03fdda2aa6551

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sattaking-sattaking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 216ms
70ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sattaking-sattaking.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sattaking-sattaking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 12:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 147ms
47ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sattaking-sattaking.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sattaking-sattaking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 12:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
72ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fsattaking-sattaking.com%2F&tn=A&cls=back-to-top&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sattaking-sattaking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0143 18 KB
5 KB 275ms
197ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&adk=1812271804&adf=3025194257&lmt=1663850540&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsattaking-sattaking.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850540688&bpp=10&bdt=1055&idt=247&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7696811845469&frm=20&pv=2&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=263

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4356e13cdfd346a23ca693bcd5c7c74c84a7a1d51b1112f8b5ce5e328532ccb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sattaking-sattaking.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 5241
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 12:42:21 GMT
expires: Thu, 22 Sep 2022 12:42:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 27B8 93 KB
32 KB 452ms
382ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=2607616022&adf=2269933799&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1663850540&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1200x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850540698&bpp=2&bdt=1065&idt=258&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5ySjgNXxak&p=https%3A//sattaking-sattaking.com&dtd=261

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6482a29157bc3f0eb9b651f75cb82f169a759c2cbf8d6de00c3a8147e7e2f89f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sattaking-sattaking.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32396
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 12:42:21 GMT
expires: Thu, 22 Sep 2022 12:42:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 king.png
sattaking-sattaking.com/assets/chat/ Frame B0EF 2 KB
3 KB 651ms
650ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sattaking-sattaking.com/assets/chat/king.png
Requested by: Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/home/chatframe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0e704073c7975eab6279392e749b96b26c5b57b997aece05fff39ed21b7be5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sattaking-sattaking.com/home/chatframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:21 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Feb 2021 06:09:34 GMT
server: cloudflare
etag: "51e0267-914-5ba686e554380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBlQ4CR0%2BujZZGGgMmzhqwKdTep1jCgUi4IXFEpwTCJ5MTEJtlmsGRFwHNy9hNX8io0SfAvC3TFSAa1CP7AxCXUSkY%2BdWON8oYg0elpmS3g5ybBGoTA2yJWaGjD203Ne5qU8JjmcbIP2vn%2FPcZVRH%2B%2BwgabSIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74eb1eba4fe291ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2324

GET
H3 200 arrow_up.png
sattaking-sattaking.com/assets/chat/ Frame B0EF 2 KB
2 KB 660ms
658ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sattaking-sattaking.com/assets/chat/arrow_up.png
Requested by: Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/home/chatframe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c028e77c0875fefb3af8bf7683bf14fea4d880a00363b6992b0bd9b10860264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sattaking-sattaking.com/home/chatframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:21 GMT
cf-cache-status: MISS
last-modified: Sun, 21 Feb 2021 21:01:12 GMT
server: cloudflare
etag: "51e0261-62f-5bbdefc34b600"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZrKz6O2jhvf53O2HHO3nuBtVZR%2BcLYZ9TbzMfAi23x78xmZ0SznGD8XDyXuswrdiDFxlIB92LMQuFdVrgaMI7wYNKJCFX2PEcafysp%2FcvQPWICdnRZohRspyMcZH%2Bqb0UoevC53l2HHWZ46ju7GuEaEXhbaLlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74eb1eba4fea91ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1583

GET
H3 200 jquery.min.js Show response
sattaking-sattaking.com/assets/vendor/jquery/ Frame B0EF 87 KB
32 KB 946ms
945ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sattaking-sattaking.com/assets/vendor/jquery/jquery.min.js
Requested by: Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/home/chatframe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sattaking-sattaking.com/home/chatframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 16 Jun 2020 21:39:42 GMT
server: cloudflare
etag: W/"51e0299-15d84-5a83a6190c380-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RboWtndKK79WIQeuv%2F%2BLfpGwtIZ7878lMQllb0hNj7ja5fjySPCRLVNJJkIz5lgom%2FG3k3d5Sy3edqw5tFjH1uxhfJ7bhwFnX%2BIYHJAQutxU3YOoHMhplIEfNi%2FWVMatYC8xDj0UqnS2HsbJGfFMGydIlx%2BCxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74eb1eba4fec91ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 custom.js Show response
sattaking-sattaking.com/assets/chat/ Frame B0EF 3 KB
2 KB 1257ms
1256ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sattaking-sattaking.com/assets/chat/custom.js
Requested by: Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/home/chatframe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79fdfa1b990930a7eb9c64b4cdd3788c5bdb716fff312e02327858e7e8f64ef6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sattaking-sattaking.com/home/chatframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 04 Feb 2021 18:58:08 GMT
server: cloudflare
etag: W/"51e0266-ddf-5ba8748c87000-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkdV3vzKX92Pv6qAyg28U74QIh6a8LW7ZRfNhA2a3t4kvY8Yz7UrQ2bHkJ0SDclkuOYYvKX4Ek0npDodLtiIAwj26fgNKfCCXu2fKuOrmviaeWSk2gOwiKo22WjK2KASaUlw7UUlPZK75fKsbmNVQY3Qq4LxMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74eb1eba4fed91ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 material-design-iconic-font.min.css
sattaking-sattaking.com/assets/chat/ Frame B0EF 67 KB
7 KB 655ms
654ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sattaking-sattaking.com/assets/chat/material-design-iconic-font.min.css
Requested by: Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/home/chatframe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 710b7af1dd5786f07505d798494d75a19f0323a86cb767125466ed8a46c09ba0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sattaking-sattaking.com/home/chatframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 11 Nov 2020 04:32:52 GMT
server: cloudflare
etag: W/"51e026c-10ae7-5b3cd49d64500-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5I8xS8B%2FmdwOPwLzv1tUBNemAKl67ac8nBxvYAa%2BJnalRPKNp81RjXV4fZtSEJQrM4NzqRw3TVTLHkaHIS4Azd3%2BrMdTt8SVQ4d9j42VsFwAmpG2Vaeof0T1EbPeaSiGHAD5BOlkrNvYtQsx9hRZUtisFzPbdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74eb1eba4fef91ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 container.css
sattaking-sattaking.com/assets/chat/ Frame B0EF 5 KB
2 KB 649ms
649ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sattaking-sattaking.com/assets/chat/container.css
Requested by: Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/home/chatframe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6ecaf021fa8ca851888abbf381816b683c00213c29bb9316cd97750ccec5dab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sattaking-sattaking.com/home/chatframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 21 Feb 2021 20:57:24 GMT
server: cloudflare
etag: W/"51e0263-138f-5bbdeee9db500-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2MOgs%2FGm%2BgJ4A7gjLhDM%2B8LnpciuvrtC7wC9%2BhcDM2m4MAlWPdU7pesE3%2FQF9LJHMNxMoXr3COhldncyC%2Fb9BN7JOP%2BPJqgY3qBaQNBKCaNGPqj%2F%2BtMSGBylcl0GkbhWYTDw0MEDQvtSlZEZLJQSfXEuiJtmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74eb1eba4ff091ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 128ms
49ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sattaking-sattaking.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sattaking-sattaking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 12:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 126ms
48ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sattaking-sattaking.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sattaking-sattaking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 12:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8991 95 KB
33 KB 385ms
385ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=2997935314&adf=1489598389&pi=t.aa~a.4235965234~rp.3&w=1140&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1140x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1631&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280&nras=3&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1983&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=rv0KM1Kcz0&p=https%3A//sattaking-sattaking.com&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f72488eb57c46dc4f5847c562159e5b6ced071739864a8c8a1105812f8bb917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sattaking-sattaking.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34183
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 12:42:21 GMT
expires: Thu, 22 Sep 2022 12:42:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FFF1 72 KB
24 KB 555ms
554ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=1548396814&pi=t.aa~a.605839435~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1630&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vKX5lAM9VM&p=https%3A//sattaking-sattaking.com&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

147e68f9f00d850b17ac7e12dfac6781a39219689e417427a5f575c364567f93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sattaking-sattaking.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 24808
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 12:42:21 GMT
expires: Thu, 22 Sep 2022 12:42:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C48D 96 KB
34 KB 496ms
495ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=4150966103&pi=t.aa~a.605826571~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1631&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280%2C1110x280&nras=5&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=C2BcIKPGcS&p=https%3A//sattaking-sattaking.com&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

472932af17e2a10b4bac7196189a8065b1259e8da82e789a1868b8264d063e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sattaking-sattaking.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34424
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 12:42:21 GMT
expires: Thu, 22 Sep 2022 12:42:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 27B8 8 KB
1 KB 52ms
21ms Stylesheet
text/css 2a00:1450:400e:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=2607616022&adf=2269933799&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1663850540&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1200x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850540698&bpp=2&bdt=1065&idt=258&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5ySjgNXxak&p=https%3A//sattaking-sattaking.com&dtd=261

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 11:20:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 22 Sep 2022 12:42:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Sep 2022 12:42:21 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 27B8 2 KB
983 B 151ms
52ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:36:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 12:36:43 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 27B8 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAuDALVgsY7L9A5TztwftsKD4CbOajd5lwunm1toJnvPBsooOEAEg-5-GaWCV4pCCoAegAamK8P4DyAEJqQKj_pppO3uwPqgDAcgDywSqBI4CT9Bz0HFnaWDoAs3beHjXbt2bwQfpxSCL0eul3w7oJEaG2cMvNhTE2RR7nAgY_jLmgEmH6TuAJ3zSMq910tk0Sk39jDD1XTJZ228loJ129FtiEAKVdVEnQoVfhA6KBBtiENOxsG79DU5IxhMUsyhCPezOUfwRkXweDN_O8zoSY3poTZGZtzc6x_paMtIyE1nXH-CiwUlK9VRNxIckOxmNm3XQlOCQ77zxKQ84HXD_adk4NLDD0X2BnoA2XyLx3mhnBBjIqVriuo9UQz-TNfrcvACM9o84s3R6y7X0p7OGPsnlSV4saoiKLBHzmGq8eqKEcRFYnFe_qKFScTbmiMU0VLNiinQhaIADqpYIINlUwATwjPGKhgKSBQQIBBgBkgUECAUYBKAGLoAHv_WPAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENKxAtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBogwIKgYKBM-nsQLYEw2IFAPQFQGAFwGyFxwKGggAEhRwdWItMzAzMDc4NTcyMTQ2MTQ3MxgA&sigh=HfeHO3oJPsU&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=2607616022&adf=2269933799&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1663850540&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1200x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850540698&bpp=2&bdt=1065&idt=258&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5ySjgNXxak&p=https%3A//sattaking-sattaking.com&dtd=261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 22 Sep 2022 12:42:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 22 Sep 2022 12:42:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame 27B8 23 KB
10 KB 136ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9574
x-xss-protection: 0
server: cafe
etag: 3447265524526809024
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 12:40:32 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 27B8 3 KB
1 KB 155ms
58ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:37:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 12:37:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 27B8 17 KB
7 KB 143ms
46ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1814
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7568
x-xss-protection: 0
server: cafe
etag: 16266204680973569043
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 12:12:07 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/3989421941205656321/ Frame 27B8 24 KB
24 KB 171ms
75ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3989421941205656321/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94a957bcb3fe55f62137039469d1ff8b8ce07598f8cc113a124cc76c0220dfa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 16:16:50 GMT
x-content-type-options: nosniff
age: 505531
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24684
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 10:47:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Sep 2023 16:16:50 GMT

GET
DATA 200
OK truncated
/ Frame 27B8 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 27B8 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 27B8 140 KB
44 KB 223ms
97ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 12:42:21 GMT

GET
H2 200 b6810b6596f7ed55ed76c68d0358aca1.js Show response
www.gstatic.com/mysidia/ Frame 27B8 33 KB
14 KB 142ms
43ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 08:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13684
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 21:38:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 08:57:31 GMT

GET
DATA 200
OK truncated
/ Frame 27B8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fad147171c29106bbb5edc9af05b085d49650b8cc0002298e6230e99e648013

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 8991 8 KB
893 B 51ms
20ms Stylesheet
text/css 2a00:1450:400e:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=2997935314&adf=1489598389&pi=t.aa~a.4235965234~rp.3&w=1140&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1140x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1631&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280&nras=3&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1983&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=rv0KM1Kcz0&p=https%3A//sattaking-sattaking.com&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 10:55:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 22 Sep 2022 12:42:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Sep 2022 12:42:21 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 8991 2 KB
902 B 117ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:36:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 12:36:43 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8991 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4dItLVgsY-H8E9uX7AP_sInID7TAj8RstvfzqZgMnvPBsooOEAEg-5-GaWCV4pCCoAegAbXj67oCyAEJqQKvE4mOKYSwPqgDAcgDywSqBIICT9B-oXpSK61RmpXpvjBxUB2cMjTIk7hWHLI23iZLw0_5Lj0MqzTppPJ8MPYC0QsdlF7sEoBulcjrE3flohYpx1N901Op_dtmdJIab5ojv-pGhaR8xvQkfY5TZZsTdFbKz0VIvwMbbGW8QLjCf53tf0xQRn3i81j_DFEpGCE3J7dMIa6TcVpil5gweesQu1_aesAXxhz14ZYSWYv_P9V05Ijx5MEANpCEtFpfDh9GT4gYAv6ogYrwYp3OUMuGrkGvPCIKcjDb86MzezkdAFfviSCb76v6NsInno6LHTJ7QE1N3rfnoI2C7xGxxcqvIZmVyUlbG9uC3u5gRLYfwGBEbk7cwATu4aXY9gKSBQQIBBgBkgUECAUYBKAGLoAHs5yUxQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxDiT9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQJ0BUBgBcBshccChoIABIUcHViLTMwMzA3ODU3MjE0NjE0NzMYAA&sigh=7rxwIn7YMfw&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=2997935314&adf=1489598389&pi=t.aa~a.4235965234~rp.3&w=1140&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1140x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1631&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280&nras=3&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1983&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=rv0KM1Kcz0&p=https%3A//sattaking-sattaking.com&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 22 Sep 2022 12:42:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame 8991 23 KB
9 KB 115ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9574
x-xss-protection: 0
server: cafe
etag: 3447265524526809024
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 12:40:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 8991 3 KB
1 KB 151ms
75ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 912
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 12:27:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 8991 17 KB
7 KB 121ms
45ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:17:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7568
x-xss-protection: 0
server: cafe
etag: 16266204680973569043
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 12:17:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8991 0
0 131ms
46ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQAWjyqh7uc44Mb7KIehAMsRp5Q0PAGjYoEj7nGSbRy7asNPS7gMlMJDbIJG585RM-P_LfbwOQhSsN0k3dOZhTKCzqMaQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=2997935314&adf=1489598389&pi=t.aa~a.4235965234~rp.3&w=1140&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1140x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1631&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280&nras=3&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1983&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=rv0KM1Kcz0&p=https%3A//sattaking-sattaking.com&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8991 140 KB
44 KB 206ms
107ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 12:42:21 GMT

GET
H3 200 b6810b6596f7ed55ed76c68d0358aca1.js Show response
www.gstatic.com/mysidia/ Frame 8991 33 KB
13 KB 116ms
39ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 08:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13684
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 21:38:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 08:57:31 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9831445572234629354/ Frame 8991 27 KB
27 KB 119ms
51ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9831445572234629354/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd7df9746bba2caee2fd0abcb8f83ff6db76199f8fc50c6ff213f2c705a12460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 08:10:37 GMT
x-content-type-options: nosniff
age: 189104
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27880
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 14:19:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 20 Sep 2023 08:10:37 GMT

GET
DATA 200
OK truncated
/ Frame 8991 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8991 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 27B8 28 KB
28 KB 163ms
47ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 20:38:02 GMT
x-content-type-options: nosniff
age: 57859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 20:38:02 GMT

GET
H3 200 6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js Show response
pagead2.googlesyndication.com/bg/ Frame F491 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 10:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15952
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 10:58:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C48D 8 KB
893 B 20ms
20ms Stylesheet
text/css 2a00:1450:400e:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=4150966103&pi=t.aa~a.605826571~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1631&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280%2C1110x280&nras=5&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=C2BcIKPGcS&p=https%3A//sattaking-sattaking.com&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 10:56:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 22 Sep 2022 12:42:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Sep 2022 12:42:21 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame C48D 2 KB
902 B 39ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:36:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 12:36:43 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame C48D 23 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9574
x-xss-protection: 0
server: cafe
etag: 3447265524526809024
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 12:40:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame C48D 3 KB
1 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 912
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 12:27:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame C48D 17 KB
7 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:17:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7568
x-xss-protection: 0
server: cafe
etag: 16266204680973569043
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 12:17:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C48D 0
0 47ms
46ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRHr_K3RCCQg2OdRdSaLd04cP4cJ09UU4Zb3HsUaZ9j0wdiBlEBfBfcZvNa3usJr5d5bq0HpqceIoEYsksmB0ZTP_4C5Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=4150966103&pi=t.aa~a.605826571~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1631&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280%2C1110x280&nras=5&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=C2BcIKPGcS&p=https%3A//sattaking-sattaking.com&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C48D 140 KB
44 KB 157ms
156ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 12:42:21 GMT

GET
H3 200 b6810b6596f7ed55ed76c68d0358aca1.js Show response
www.gstatic.com/mysidia/ Frame C48D 33 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b6810b6596f7ed55ed76c68d0358aca1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 08:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13684
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 21:38:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Dec 2022 08:57:31 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C48D 0
0 85ms
85ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkWACLVgsY87PFK2U7AOwmY64AbTAj8Rsr5bR9YMMnvPBsooOEAEg-5-GaWCV4pCCoAegAbXj67oCyAEJqQLxPJwC5HywPqgDAcgDywSqBIICT9DYe_pUDhw0A-CVNYbSVjiZqJZdlAB4xmIw0hDVcdOBEoC09T3Q75o51bTXoWbI6LLo72Oq9qaglhvWIasCLIUUS8x3n-bMTJECwBnQnXjq_OynWgg_Bz8tHik2FTSeumkqubaqSnBVj9DQ8cxPR5JcZhylblzt1I1AfhTVUoe8Xrk31ppWgZL1vvS_wYvMhWjHhq2jpSFuy_5brPv9esEKB4uztgFkC9oUnYVb_9dYSoYCTVjnBypOkE3P4Ut8q3xlre1qfek_MAgUdc0uUjuymvhhNHS3k9aXEGwVtTsm1SgrfklFYt9PcYljEsoM9pQ8Jm0S99RutwOEevDxNklQwATu4aXY9gKSBQQIBBgBkgUECAUYBKAGLoAHs5yUxQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDr8ALSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUB9AVAYAXAbIXHAoaCAASFHB1Yi0zMDMwNzg1NzIxNDYxNDczGAA&sigh=hkbENhWRvCo&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=4150966103&pi=t.aa~a.605826571~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1631&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280%2C1110x280&nras=5&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=C2BcIKPGcS&p=https%3A//sattaking-sattaking.com&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 22 Sep 2022 12:42:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16215855318931877976/ Frame C48D 19 KB
19 KB 46ms
46ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16215855318931877976/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cc03f558834fce9af1439acc2e843f939e025d2fe9fb1404eee1419b8646888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 07:20:09 GMT
x-content-type-options: nosniff
age: 451332
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19886
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 14:19:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Sep 2023 07:20:09 GMT

GET
DATA 200
OK truncated
/ Frame C48D 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C48D 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8C87 1 KB
749 B 39ms
38ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4866
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 11:21:15 GMT
etag: 48472445140208031
expires: Fri, 23 Sep 2022 11:21:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8991 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2fd3d95f54e2c65d65678ac3e7dad478f6503f5b9ff4ce1dce4456ea27de1be

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame FFF1 23 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=1548396814&pi=t.aa~a.605839435~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1630&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vKX5lAM9VM&p=https%3A//sattaking-sattaking.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9574
x-xss-protection: 0
server: cafe
etag: 3447265524526809024
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 12:40:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FFF1 8 KB
716 B 20ms
19ms Stylesheet
text/css 2a00:1450:400e:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=1548396814&pi=t.aa~a.605839435~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1630&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vKX5lAM9VM&p=https%3A//sattaking-sattaking.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 10:58:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 22 Sep 2022 12:42:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Sep 2022 12:42:21 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220919_RC00/ Frame FFF1 14 KB
3 KB 61ms
19ms Stylesheet
text/css 2a00:1450:400c:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220919_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=1548396814&pi=t.aa~a.605839435~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1630&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vKX5lAM9VM&p=https%3A//sattaking-sattaking.com&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253731
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 10:43:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 14:13:30 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220919_RC00/ Frame FFF1 358 KB
124 KB 61ms
20ms Script
text/javascript 2a00:1450:400c:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220919_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=1548396814&pi=t.aa~a.605839435~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1630&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vKX5lAM9VM&p=https%3A//sattaking-sattaking.com&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c2fb2f53f28ddfc9fe690f62f03a79f9a8cda371bb1dc025b02495bc61d2966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253731
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126708
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 10:43:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 14:13:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame FFF1 17 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=1548396814&pi=t.aa~a.605839435~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1630&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vKX5lAM9VM&p=https%3A//sattaking-sattaking.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:17:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7568
x-xss-protection: 0
server: cafe
etag: 16266204680973569043
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 12:17:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FFF1 0
0 119ms
44ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTNxMR3PXAHPq-ILsSAhkr6qvbtqY0xSgZ0l6QsPkve6WDNrjz-yECLDIjDILeGjdblOamOI-hUSuJFh5laVkS6HUStyw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=1548396814&pi=t.aa~a.605839435~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1630&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vKX5lAM9VM&p=https%3A//sattaking-sattaking.com&dtd=9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C68E 1 KB
749 B 39ms
38ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4866
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 11:21:15 GMT
etag: 48472445140208031
expires: Fri, 23 Sep 2022 11:21:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C48D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3856b448be437068ea56f663b1da757f614882d06c60cf57944eb74786a2d4eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8C87 35 B
463 B 38ms
9ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECEDHIy7fVmmjLv5kJHb3yQ&google_cver=1&google_push=AZmPxg_BgaBMshcXkBQDiNm8yyuAqHp9T7qLjx3SS-aQzquPd-5cM5BCUbnS4MlPSJkbYtxSLeRSO8n_4R0T4a6EJqrH8IuX7oM

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:21 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C87
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEIgqRdhjraMW8gbMR7wXLxo&google_cver=1&google_push=AZmPxg-bUgbXXtjw_u0KbC9N8oSGl-Yhi1L4dvJsGLBnTbp6aD-KvqIItk2i8CGofTd7t5xGvXlXHn6WNKjHVbXOTJT39-LyXt0
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-bUgbXXtjw_u0KbC9N8oSGl-Yhi1L4dvJsGLBnTbp6aD-KvqIItk2i8CGofTd7t5xGvXlXHn6WNKjHVbXOTJT39-LyXt0&google_hm=Q0FFU0VJZ3FSZGhqcmFNVz...

170 B
188 B

106ms
42ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-bUgbXXtjw_u0KbC9N8oSGl-Yhi1L4dvJsGLBnTbp6aD-KvqIItk2i8CGofTd7t5xGvXlXHn6WNKjHVbXOTJT39-LyXt0&google_hm=Q0FFU0VJZ3FSZGhqcmFNVzhnYk1SN3dYTHhv

Requested by

Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 22 Sep 2022 12:42:22 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg-bUgbXXtjw_u0KbC9N8oSGl-Yhi1L4dvJsGLBnTbp6aD-KvqIItk2i8CGofTd7t5xGvXlXHn6WNKjHVbXOTJT39-LyXt0&google_hm=Q0FFU0VJZ3FSZGhqcmFNVzhnYk1SN3dYTHhv
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 8C87 43 B
356 B 95ms
22ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEAxCljAdbo3jLlWnaJn_F9s&google_push=AZmPxg8Z2XoLlCgkXdirOUtdxPwHk_VLKif-NyGIK8DmBefz-r3fl4dJSsWk80PtCJyuAWRn5SY561aM35HaEw7Zj3FOFdsGw3Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=2997935314&adf=1489598389&pi=t.aa~a.4235965234~rp.3&w=1140&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1140x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1631&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280&nras=3&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1983&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=rv0KM1Kcz0&p=https%3A//sattaking-sattaking.com&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:22 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 8C87 43 B
134 B 117ms
45ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEBi_bWNAajEGCWNUIgfgJ6E&google_cver=1&google_push=AZmPxg-tO9sUj4eknKJ56SN8aXuC3Zhi8Nz1Svy2dYgAlrVLhUznHw9AvcNjrM1FBocOE0ZGKs_Mfbb-iFq6j36H8PdVxKjmwr4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=2997935314&adf=1489598389&pi=t.aa~a.4235965234~rp.3&w=1140&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1140x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1631&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280&nras=3&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1983&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=rv0KM1Kcz0&p=https%3A//sattaking-sattaking.com&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:21 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: r65bmlafchj78fspb7h1mc2a4sblu9ig

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 8C87 0
166 B 65ms
15ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEUMDlSe1JnbN2YR1s5ZzXs&google_cver=1&google_push=AZmPxg9PcPu4HcWRjt0m5sAxzff3GuUvaXtG2Dh4KHwBs-4JyK98EACVtAYAc9KzndX7Zp9BxYY1_zrbm4dkeSsKBiNgT05EMDE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=2997935314&adf=1489598389&pi=t.aa~a.4235965234~rp.3&w=1140&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1140x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1631&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280&nras=3&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1983&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=rv0KM1Kcz0&p=https%3A//sattaking-sattaking.com&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8C87
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFc1weB5s8hW-Ca8NOXWHTA&google_cver=1&google_push=AZmPxg8ED6sHqmQS9wF8e73ePbKXD3xcvxo-QNoU-Qd3pVbCeIkhScSnFa1fMX5I8GYx9cAkbDY...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMU5JUjMtTC00NkpM&google_push=AZmPxg8ED6sHqmQS9wF8e73ePbKXD3xcvxo-QNoU-Qd3pVbCeIkhScSnFa1fMX5I8GYx9cAkbDY_P32sgJNz3xAb5lGOA2u7RQ

170 B
232 B

47ms
45ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMU5JUjMtTC00NkpM&google_push=AZmPxg8ED6sHqmQS9wF8e73ePbKXD3xcvxo-QNoU-Qd3pVbCeIkhScSnFa1fMX5I8GYx9cAkbDY_P32sgJNz3xAb5lGOA2u7RQ

Requested by

Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMU5JUjMtTC00NkpM&google_push=AZmPxg8ED6sHqmQS9wF8e73ePbKXD3xcvxo-QNoU-Qd3pVbCeIkhScSnFa1fMX5I8GYx9cAkbDY_P32sgJNz3xAb5lGOA2u7RQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C87
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECXBN1IzV3sZLU_ZdbfeqBg&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECXBN1IzV3sZLU_ZdbfeqBg&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECXBN1IzV3sZLU_ZdbfeqBg&google_hm=YyxYLYT68EvWgMvTh_8JMAAAFBMAAAAB&google_nid=index&google_push=AZmPxg8DFwUxxgEDh-XqXUUDith4vHilr5-qm...

170 B
188 B

44ms
44ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECXBN1IzV3sZLU_ZdbfeqBg&google_hm=YyxYLYT68EvWgMvTh_8JMAAAFBMAAAAB&google_nid=index&google_push=AZmPxg8DFwUxxgEDh-XqXUUDith4vHilr5-qm-2MGdF-Ua1ShB_v5jUuR4N6kF3wGf8llNaRZ5LUF9mZBu1uH9u8HQjd4eHlcYA

Requested by

Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNscSYWBw%2Fx%2BXZcmQcPDQ%2FGitZMu0ACUuJw7nFcW92REashD4ArshGfnjcnoW9KMKiwnJ7d5nU2Ny%2BO%2Bh85dYXcVFq5FmQMmlV%2FaeQLDW4VAivesLQjxFwdVA30xj1KbKlockLSJeStUsw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECXBN1IzV3sZLU_ZdbfeqBg&google_hm=YyxYLYT68EvWgMvTh_8JMAAAFBMAAAAB&google_nid=index&google_push=AZmPxg8DFwUxxgEDh-XqXUUDith4vHilr5-qm-2MGdF-Ua1ShB_v5jUuR4N6kF3wGf8llNaRZ5LUF9mZBu1uH9u8HQjd4eHlcYA
cache-control: no-cache
cf-ray: 74eb1ebff9a49b40-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8C87 0
223 B 125ms
40ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JSnWNWI7ZDXLlO06AsctvhCtswCGdwfB02Ap0Lb2BhAA-PDSc8pVsATFNWxq_BEnTWDZj-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 8991 28 KB
28 KB 149ms
50ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 20:38:02 GMT
x-content-type-options: nosniff
age: 57860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 20:38:02 GMT

GET
H3 200 6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js Show response
pagead2.googlesyndication.com/bg/ Frame 56C3 36 KB
16 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 10:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15952
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 10:58:32 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C68E
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGSbr4a19BhIaNIGo72hJfU&google_cver=1&google_push=AZmPxg8UvaeQseGWE1PgfDfme_GQljjurqXYRx0N2NHhP9cXs1KM9rAWPf...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8UvaeQseGWE1PgfDfme_GQljjurqXYRx0N2NHhP9cXs1KM9rAWPffU61rXSSucv4ynnkVhUy4pAhWYkwjnlnKcDPRaGwImNQ&google_hm=IGR0cbjLzQ...

170 B
329 B

63ms
45ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8UvaeQseGWE1PgfDfme_GQljjurqXYRx0N2NHhP9cXs1KM9rAWPffU61rXSSucv4ynnkVhUy4pAhWYkwjnlnKcDPRaGwImNQ&google_hm=IGR0cbjLzQUSUpp2K_ULCA

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8UvaeQseGWE1PgfDfme_GQljjurqXYRx0N2NHhP9cXs1KM9rAWPffU61rXSSucv4ynnkVhUy4pAhWYkwjnlnKcDPRaGwImNQ&google_hm=IGR0cbjLzQUSUpp2K_ULCA
pragma: no-cache
date: Thu, 22 Sep 2022 12:42:21 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame C68E 0
98 B 146ms
42ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg-vuLqC5ndodcCb_SQJ79nC4RVqHCQ4Y3CeUyiGYHIsCxvACl6Pv9t0pAdnrgdzP2fCQ0Z80VmEmZL1zejJRH4JB1-Zq-m0Fw&google_gid=CAESEFsJ1R9CL4ERnR0OXb5HEGQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=4150966103&pi=t.aa~a.605826571~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1631&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280%2C1110x280&nras=5&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=C2BcIKPGcS&p=https%3A//sattaking-sattaking.com&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame C68E 43 B
350 B 70ms
44ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEE0Wczq6Us61E3LjuXPu3xA&google_cver=1&google_push=AZmPxg9UO7SLNGuli3Pk3mBBt4B4vmnnOwTdfTXKx0uDgLCIOw61i1Q-XDvd9-Wgr7KnBWf2yXAk9Uw-XsV_4tqJmpUY5nZySQXMDw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=4150966103&pi=t.aa~a.605826571~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1631&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280%2C1110x280&nras=5&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=C2BcIKPGcS&p=https%3A//sattaking-sattaking.com&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:21 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 3iudrcue2rjpg9iucf1iorr2jl84k10c

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame C68E 0
41 B 19ms
15ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEB3gVRTEcsxn7B4OK9YjavM&google_cver=1&google_push=AZmPxg9Dd77oTgs_rf-MqE_TJR7_bxNNTpexPI0XIslukSzPD7_hPrbLK2Yr9-og4_Vp2juslGudp2iCVQqSoc75nd8oDVSOvbKfhg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=4150966103&pi=t.aa~a.605826571~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1631&idt=1&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280%2C1110x280&nras=5&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4011&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=C2BcIKPGcS&p=https%3A//sattaking-sattaking.com&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C68E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKORsdgtmIz2dZFhzGzhxD4&google_cver=1&google_push=AZmPxg_gkDinm78T3M8bew-0AUNGozrKwCje_MckoyAmVd70Jyd75HF_0TidMv-Sn91aKrEq99k...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMU5JUjgtMjYtOVpORg==&google_push=AZmPxg_gkDinm78T3M8bew-0AUNGozrKwCje_MckoyAmVd70Jyd75HF_0TidMv-Sn91aKrEq99kjuFMs3GHDCSDJUh6JKkmxMBow

170 B
232 B

51ms
50ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMU5JUjgtMjYtOVpORg==&google_push=AZmPxg_gkDinm78T3M8bew-0AUNGozrKwCje_MckoyAmVd70Jyd75HF_0TidMv-Sn91aKrEq99kjuFMs3GHDCSDJUh6JKkmxMBow

Requested by

Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMU5JUjgtMjYtOVpORg==&google_push=AZmPxg_gkDinm78T3M8bew-0AUNGozrKwCje_MckoyAmVd70Jyd75HF_0TidMv-Sn91aKrEq99kjuFMs3GHDCSDJUh6JKkmxMBow
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C68E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELiOw0RNrADqYGAepoDWz0k&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELiOw0RNrADqYGAepoDWz0k&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELiOw0RNrADqYGAepoDWz0k&google_hm=YyxYLYT68EvWgMvTh_8JMAAAFBMAAAAB&google_nid=index&google_push=AZmPxg8hEx0zC1yW58jm4gpivvtsk2UCAeOER...

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELiOw0RNrADqYGAepoDWz0k&google_hm=YyxYLYT68EvWgMvTh_8JMAAAFBMAAAAB&google_nid=index&google_push=AZmPxg8hEx0zC1yW58jm4gpivvtsk2UCAeOERiuFylQpvMHikYCkQ4UQomSFmYygPJsIoprBe8_dBbW4LzyCsJW1UaX-OT94YNRLJQ

Requested by

Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DYk%2BdE9zHSC2U0b%2B6UCl8W6gnBtQ6lDHbZCF1LyuKd9DZxY0EcMI72GrfUdNkDet5100%2FzrqAnQrSTVKYZL0Gz4VGYc9zKkJUy4x5wM4ITKzYmqNY2osz%2F4sEsdMnstTr0hH12mK8%2B7ow%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELiOw0RNrADqYGAepoDWz0k&google_hm=YyxYLYT68EvWgMvTh_8JMAAAFBMAAAAB&google_nid=index&google_push=AZmPxg8hEx0zC1yW58jm4gpivvtsk2UCAeOERiuFylQpvMHikYCkQ4UQomSFmYygPJsIoprBe8_dBbW4LzyCsJW1UaX-OT94YNRLJQ
cache-control: no-cache
cf-ray: 74eb1ebff9a69b40-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame C68E 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C68E 0
40 B 78ms
41ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LIxyBTANv8MboqkuQVfr_ZRgFfnVjoLcsbPI4zOldssJWWPchFGqs7-t1jqqfTN5zTe-xnKA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame C48D 28 KB
28 KB 94ms
48ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 20:38:02 GMT
x-content-type-options: nosniff
age: 57860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 20:38:02 GMT

GET
H3 200 6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js Show response
pagead2.googlesyndication.com/bg/ Frame F99D 36 KB
16 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 10:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15952
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 10:58:32 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame FFF1 0
327 B 91ms
30ms Ping
image/gif 2a00:1450:4009:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l8d1nisx&c=8044471408370&slotId=4022235704185&qqid=CMvM5aO2qPoCFQTZ7QodEdgCYw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220919_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4009:815::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FFF1 15 KB
16 KB 60ms
59ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:33:08 GMT
x-content-type-options: nosniff
age: 61754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 19:33:08 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FFF1 15 KB
15 KB 82ms
82ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:33:00 GMT
x-content-type-options: nosniff
age: 61762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 19:33:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFF1 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CyikvLVgsY4uCE4SytweRsIuYBoW4-alsiv762sMQ8C4QASD7n4ZpYJXikIKgB8gBBakCrxOJjimEsD6oAwHIA5sEqgShAk_QxtlTcvOX7ooXVlAUMy44DVLnWRU_e9mIinlwpaLmFXnNGL4e1oZeVbwTT4DbayAJ1KdhXwDmA9Ty2E9SoKc8SkyhYeBPUbnAPxVUOCYH79neJ8hiVn3bDgDnQerr07SrThJJClRQ4ynqu7Jr_mkUQsukJCGoyBpeKkgf91av1i03abrbNZ1Js0_ehpVlrGYLCnmOSj-4G3gn6cLWN3diUi1jQjpx_OWVV0Eh9sRvZzPfyN7rRyyFq8KKv_93ROPOPtRE8hosVbh_TNWtHKFPtOLoKXTm83aobWkCe4fGh8fwYVeDFVLdDiw2DNVpsI-H6cSKfJfHga-Vw8Z_c3YTmuC2ccE8tRFkjAyC3z_DtVpqFqEtnfEOr1Q3UToNYkXABKa9kKmDBOAEA5AGAaAGdoAH17u0xAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE5yKuxDQEwDYExCIFATYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1663850542077&ai=CyikvLVgsY4uCE4SytweRsIuYBoW4-alsiv762sMQ8C4QASD7n4ZpYJXikIKgB8gBBakCrxOJjimEsD6oAwHIA5sEqgShAk_QxtlTcvOX7ooXVlAUMy44DVLnWRU_e9mIinlwpaLmFXnNGL4e1oZeVbwTT4DbayAJ1KdhXwDmA9Ty2E9SoKc8SkyhYeBPUbnAPxVUOCYH79neJ8hiVn3bDgDnQerr07SrThJJClRQ4ynqu7Jr_mkUQsukJCGoyBpeKkgf91av1i03abrbNZ1Js0_ehpVlrGYLCnmOSj-4G3gn6cLWN3diUi1jQjpx_OWVV0Eh9sRvZzPfyN7rRyyFq8KKv_93ROPOPtRE8hosVbh_TNWtHKFPtOLoKXTm83aobWkCe4fGh8fwYVeDFVLdDiw2DNVpsI-H6cSKfJfHga-Vw8Z_c3YTmuC2ccE8tRFkjAyC3z_DtVpqFqEtnfEOr1Q3UToNYkXABKa9kKmDBOAEA5AGAaAGdoAH17u0xAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE5yKuxDQEwDYExCIFATYFAHQFQH4FgGAFwE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=1548396814&pi=t.aa~a.605839435~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1630&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vKX5lAM9VM&p=https%3A//sattaking-sattaking.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame FFF1 27 KB
16 KB 97ms
51ms XHR
text/xml 142.250.102.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CXXjPMsXb5iCuDL7eH9s01t0vqH2p6_tD6ZsCNX0riMVyQ0uTwWWIpKHRZqvn6iy58PKb351iNAa1kk59DCD5MoldGUw&cry=1&dbm_d=AKAmf-B_ijLUWCSQ51oUZaVpWAd8mQW9UHSgXRWqXdB8dRcyI_Jw_qCaBCZuTCxJERJ_UYSFor5GubVb_E99c1L8fxbAnBOPQJeTaAVWYGDRaAVweE4DsGmHJ-VRtUa2G4tTBp_UWTNmG4cOIYDLnGz25l6C36ex3hIZY9HlfvuSlvH-zSFwz9pG7K1PiB3si5xQrQkxFOyYYEcS4ALi31Jf-ufPPVFieROiQudedzLTh5oqSKi08LnRHUnea4wuQ9Ewh-Fs6ZJ4ekvyLV-BcqDILdxR5KyTczNKx-fl5M2iYor6Tgnekfe0XP3SfNznQ7cFO53naVlMY8mAO3OG7DlW3gMzyPr7lBvwizmyRWRnNt9HXonuSAC-Q5Y1U47bzW8qD_m5aZb6Vb_mI7aevDZT08FGXuxf0nFiEAxGv9M5cxUJGdSz1Z04DwGFhgbPHlivrjMT3KDBADaWuRP0qNvQLy29eoDV8VFX_u8mPvikHMD0Gj58VO1dbJaXj6kNxxmPMcREgEW1MKgi63CmbzgyKv5HM3uPlYXZlgHjgNaBi-MV69JjI2vQOL9UXhN9yj9PUnb041bZpVK4g3LHeH4__7aNQeSi5BkFwCZpo19iHlCp_yPTjP0IPaJYE6ynpLL262WYhUF5-Jt_eP2YSIR9A618nv5CfRfYdM_Xs_AqrODMNr5CPzh24sNwdPmzBLlvyHyG6YmNAo6LiFu-pj80My79fVtpWkA-9Ch9w0RW3WfV6odkiKbv_MaRFRYrE4qdSzdN09inHc81X7q1uhOD6y81tBWU7M67rRVG7wpOrR5z6zKpZKdogrCKoFPlMJz_jvUsqjdTzK52MdsO7a3uwqlLXa7kTl-m_p4HW1lwuLObz_hYVwGqz9OZ6ZQ9zPLAKeC4kkcT_GYCT_pIJXxjYdBQ7YhsHjS9AlPfU6svDRQbTlWRbgE_CPOYnGe9MkKl-t-l1qU3Du_GKfoqwtgvSiDH5IG-fT49XLbTHoEJaqD8G-BXfRy993MelyvDF_wdMwCWOanHL_2VyN-tih1y6rzcem2umOyR3TWXaBtwFl0eqYFrUGcqbQaqjiSaF7FlzLzUNjY3BgsAz8H4_th8SMEVVOSbxGZF0rodZXWt_5Lqb7txYwVA540XSz4-QR8dVQK2cuLlPv39Yyq0ORz7PW-R_iZY0Wc5iM0C44lv6vIV1STttExI_1Ha2CZe0gm4wNTaglWKZjmb8DVRS8JdaPKg7g2JGHmEG2wMXReM9FjUhHvw-HEq_NWhjkXq8ymA8lnOeAjA1P3vLnVZ5wo3yOBJ43NXPh9sYZznrSJqLyPbzN5g0zpRMMa4TLbQS0pMzKbwRa6_58FTEQPwkDRiGgjSveAv3S1vFAeipj0KUu-3SnTx50MCUzbn3DFWMeVxoHUaYLRkOo8K_HN3pRoKVVrfR7eP2d22Q8nAHjv6cyQMoIVDt7PieTqdUdodELRjBZw5gcN6iT4iO5Q0-4SEh0eHMVC8fllb9xwUJH-ufVt985YvOjsKsI8Pa_Jw3rFl71fytoqhEr5At0s9svmSd1S3t6DYbDj-gKFlWWx3wFkN_bzIGjOnneLT_jmEi2sq7ikSIIFQNvGlvopoHAJBfoPVnA2YlXWlsilEYc2aCWciFHRB-zfTfQd8BAPuo5O-IGfUKe0OzWgd2ciTDgmvKJQUahJaD5iTRpMgEnGBXqG_QBUgxygiJ9VLg3YdjVNIaG9W96FCOLgny_Fz_C3IWqMLMp1rQ6YjaiJoEDsUMawOAsEIbGkQbbG_Y9U21WFriZH81R4XfB06dBwP6ZaCZpuOP3UshQ78RKMZX9z0VnrxNi6Bv-tYuB6YljOXvJ2Il3EOJZsTuGW5DFWlLYTwNuvG1dp5sZOZds8C8DM3Gq3g5KsO-jtfjiFT_R87WqTGxTPsRDD4XGxek_LQ9zazdGEC_HwkEQJymV6l-UgE3N5RYTGpVo0Zndc9dwOuOlW4hPPlT0n_DUu0sdGL3OrCbxlO5n_IJoHLPhUhaFXo-G5Lr3W_4-wPc52QYztHQpZEyCPr-EdfAPNykrncz4GC33YdvVqmACWseSEZGkGfIkhwCnlR97x7raM7kTxXsJJDru_HPUyQo2ZPBIw4waTLGBFDO_TmxceGwzgTnbmJWMSzBBp6dpmtk4HOLWbdX7d5ATlaWuoEVyaCHaFg6igC3yA3FDPWuzFE1W3dvlvSu0JcNrRxm0AkfWP_UOTpCVCYgC4R-8U0pVtDbSCgETB2nSGlvmuO1vSAXvgs5RKOX68-CPt85BqXtcAbtoKr5HZzgnhLK-6pxRSr3j69bxGzKNAbwE_hpb-HtfKX3eIRJZQ-liSgzxXuQcgGHDlZ_Cpe0VFyuK4BgOrj97lYpu_ubBRvJGD26jdf-WjacEvbd5yYmPhgD4RfN-k6sa6duzJruLSgHT7X2Xl2gb2e-xDdTd5G70b26Xt_FxGuDD0PRjG1BU7stCifL9CzJ0iWqsWPEAnpY_noC55HghP1sK2yPxlsZh8_uZZRVz4NyZ2cvlN2Gp8payjCZS-dmtgReRrwQPZFid6l827sFCSpXyuvCGtfdrhlP6SzVMvx_ovPy_pgV0HNBztQbpcBFWCna8OVsKvEcQjivj2LQkVx0mYiLVkiEwueQc_e8LhIzIEHBnnYdX-uxWFHu7UY-TaA_iNT1dZ-HsZt5tOXqvRIGasbeksHZQzsPLgip4GqzmTOJ90h8hYOR89ZrJXqvUTMlnPob7SZTjK5a2ONzgSDus8lyDhjEJtHUOAL9sgiwqesgacNwy5u1eEVePArYEjrYZb6sDblQg57jvdgeHEhLh1Z0_iOAMzG8YDV7-baVmYapSjGnSaGFV4-6XuAuE2mn6UeyklF8U6CwwusiECS3EAL5zddddp0whWwPOr01oDj2v-O-vL7twtYfzNWK5VRq9MDn_FxJYC6BfoplV36Atsjjb_WGVUwTht0dvRJw4M2tsgMetdUiFBJaXvjiyH5dksjMxSJFGfqfKW-tS168TYI22u5qrv-DWLfo_8su8Fr2nyxqw3-EdDQPTpty2HDtrbL8eCnThsUXChAprtYFDY_7GAdxEqnNe07kCTRXyh3yY4JKn7F9qMKNFuMyyLJsYCQWJhjBvyTQklqAkAZKDVNBO2raq1FbLgBcy8eufNO2HtyD9OKBA3HKTKrnOexTmQFfGpC6J8qvWGDge8izQ8pfKuWSegdd7KP_oAyxUeQk54ORbPobu_xyQRucCPvrH2Yqehcx5HhKB9paV1TIy5dH6faoDJh8j9Jhvivn3yg1HlG8UAdB9IZ5arptCgsyvKqNPhEgchVqkNG7dF5szRjAlVWUSz2LJxcF__At47TZ2qd4KmH0uP7bnGT9N4Iu_NPUdFxXyQx_Yckv0qCyI-b3PRRKbChWtThF85xxwyuUpfFErL8ZEJ-aekiQ5RYSYcoSiCt1kr7iZWJlT5os0ThXdJp0dMKfi6r1bI4got-m-CNMsx-tJMcUxnbIZ9vtJpHoR7PUDm9sAfNk3G-Q7aNMR_yDjD4P5EfHYXRqY7j4c5-04ZhQu95ONSD1CEF-gmjrKqY8B4ug4VAjAZ_OGXr8g2INWXToc4Fcs18G0ySt6dE1H7mA7z2v4lxRxEH6s4OmVKwGNEbyYta0vWlRxNx0WM_WJdw7GQsbbTtrZcKPTCVVJNxxlOe8G9wfswEqSMkEbT9q-6vmaWSaw1jgW-pkMpvFzPvM_p49DLc5dohYduI6jDERrFXIYe66NN1tsLuZqd1gpWouxvuxbEb-KR-oHef_d0p9u_Qsz-8Of-rZauoU3T_n0W-L8rLULFh5I2MyQyI9dFhM7o-GDQC0EunUYZynmrs_qpJ1ybW7e6M1LuFvd04RGXRJYLAEQmH1fhHTVOpYFZnIqgETqYeldsxaPLBjdnmoftu7ja90xUyCoH5MraEBQZHKD-vOHB5DGCgwXmuCKbneGrKDNX8SjlBtQpSwZTT5-o7wX1EAnhMnAjNYVXQ1fD30uYeos5TVi161G1iQCZLAirujoiIlcEX59bUQv6dXyIvKA1aIsdYJJ7gaankQxZzD3Ln1iGZMyDCul-MtpfS&cid=CAASJeRoDeaFLAmnWXAymxcngvF_hGfy9JHX1a8vtD8lN-jeJIkhg2wgDQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220919_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.102.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f154.1e100.net

Software

cafe /

Resource Hash

fa0c58d8bca74bd3b4a30b06c12986f0fefe6d2ab46bd38f8bad24ba678523c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15775
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FFF1 0
0 78ms
77ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtYjTLVgsY4uCE4SytweRsIuYBoW4-alsiv762sMQ8C4QASD7n4ZpYJXikIKgB8gBBakCrxOJjimEsD6oAwGqBJ4CT9DG2VNy85fuihdWUBQzLjgNUudZFT972YiKeXClouYVec0Yvh7Whl5VvBNPgNtrIAnUp2FfAOYD1PLYT1KgpzxKTKFh4E9RucA_FVQ4Jgfv2d4nyGJWfdsOAOdB6uvTtKtOEkkKVFDjKeq7smv-aRRCy6QkIajIGl4qSB_3Vq_WLTdputs1nUmzT96GlWWsZgsKeY5KP7gbeCfpwtY3d2JSLWNCOnH85ZVXQSH2xG9nM9_I3utHLIWrwoq__3dE484-1ETyGixVuH9M1a0coU-04ugpdObzdqhtaQJ7h8aHx_BhD4KvQ9YstwaedoE4vUthvhrC02E_3D9Dt9Xbyxmy8p9pKLkTVcIQoarxJx07whu8A4K13RYOiKdj9sAEpr2QqYME4AQDiAWB6cKMRJIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAH17u0xAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChC--wYYsIut0gHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbATnIq7EMgTrpeO4QPQEwDYExCIFATYFAHQFQGAFwGyFxwKGggAEhRwdWItMzAzMDc4NTcyMTQ2MTQ3MxgA&sigh=i0LkBdFRcFs&uach_m=[UACH]&cid=CAQSPACsnQUxeuQ-BDJqRac-gcKehwJPqa-BZOLeDwY87jeOqfiNxNcOhN11j6VSq5svpBSeOKLJcbipXU7obQ&vt=10

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=1548396814&pi=t.aa~a.605839435~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1630&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vKX5lAM9VM&p=https%3A//sattaking-sattaking.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=1548396814&pi=t.aa~a.605839435~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1630&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vKX5lAM9VM&p=https%3A//sattaking-sattaking.com&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 22 Sep 2022 12:42:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C32B 1 KB
749 B 39ms
38ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=1548396814&pi=t.aa~a.605839435~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1630&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vKX5lAM9VM&p=https%3A//sattaking-sattaking.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4867
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 11:21:15 GMT
etag: 48472445140208031
expires: Fri, 23 Sep 2022 11:21:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FFF1 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f5e42c336d96494b1f41cb533a09ef917ad1fe0386d81fa148437f83929e6e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C32B
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJYKc8nrbkgxVOjW_H1X0Ps&google_cver=1&google_push=AZmPxg-99p6fidu9H1cqi3wUUa2b6rjpdDkP92zAkKj3u5kHo87v0nOqwH...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-99p6fidu9H1cqi3wUUa2b6rjpdDkP92zAkKj3u5kHo87v0nOqwH1mBAOhe1TY0kuUZbKA71jt-bsXW1DHboJhfVa-SY0&google_hm=IGR0cbjLzQUSU...

170 B
188 B

42ms
42ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-99p6fidu9H1cqi3wUUa2b6rjpdDkP92zAkKj3u5kHo87v0nOqwH1mBAOhe1TY0kuUZbKA71jt-bsXW1DHboJhfVa-SY0&google_hm=IGR0cbjLzQUSUpp2K_ULCA

Requested by

Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-99p6fidu9H1cqi3wUUa2b6rjpdDkP92zAkKj3u5kHo87v0nOqwH1mBAOhe1TY0kuUZbKA71jt-bsXW1DHboJhfVa-SY0&google_hm=IGR0cbjLzQUSUpp2K_ULCA
pragma: no-cache
date: Thu, 22 Sep 2022 12:42:22 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 451 466606.gif
id.rlcdn.com/ Frame C32B 0
9 B 109ms
42ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg93PNOeFZ-gQizY6HiE_n9bp7-GsKcDBCvnKTR2pN7a2X5QSCghUis0MAx1M3ZlZHOWR_HA72N0C4IU6hfUZZeWNkIrJhDY&google_gid=CAESECBCRDBHIT3QlAPwt7FeDcg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=1548396814&pi=t.aa~a.605839435~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1630&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vKX5lAM9VM&p=https%3A//sattaking-sattaking.com&dtd=9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C32B
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8p4Hy0...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8p4Hy0...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxMjQyMjIwMDAxMDgxMDIzOTkzNw%3D%3D&google_push=AZmPxg8p4Hy0TtGv1-l3g1AsHqcfIZCFRFisaTiL3yMMK_w3t3a4UIu4F4Jt1XinB3-dID...

170 B
188 B

45ms
43ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxMjQyMjIwMDAxMDgxMDIzOTkzNw%3D%3D&google_push=AZmPxg8p4Hy0TtGv1-l3g1AsHqcfIZCFRFisaTiL3yMMK_w3t3a4UIu4F4Jt1XinB3-dIDLCw3zuxBuN03saKTRxadPK8iSaaq0

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxMjQyMjIwMDAxMDgxMDIzOTkzNw%3D%3D&google_push=AZmPxg8p4Hy0TtGv1-l3g1AsHqcfIZCFRFisaTiL3yMMK_w3t3a4UIu4F4Jt1XinB3-dIDLCw3zuxBuN03saKTRxadPK8iSaaq0
pragma: no-cache
date: Thu, 22 Sep 2022 12:42:22 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Thu, 22 Sep 2022 12:42:22 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame C32B 43 B
64 B 76ms
41ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEC4EpSxNJ4ZRoEJUCP1ekZs&google_cver=1&google_push=AZmPxg-_eh9lA5m0d6s5enKSHKq2VxvbQEOAP7sYx8qZK8yQh6fyUPZEUHUWA0yNDPZdaylezdqswFaUHf4quGeZajDlhhl3knTG
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=1548396814&pi=t.aa~a.605839435~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1630&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vKX5lAM9VM&p=https%3A//sattaking-sattaking.com&dtd=9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:21 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: jb4vg2o49lbenu8is7mg4h0eg5aivj2s

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame C32B 0
41 B 18ms
16ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKUU7gdrscWXoTsuZ7jw6vw&google_cver=1&google_push=AZmPxg_IOoK6MQ9NOIzLpz2qpDMxebCtGKXYuakMs6EA8148nkQVE8MJh508RKSu-01nAH9rshtaC4DKC5HdnxZQO2nOFXLITWo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=1548396814&pi=t.aa~a.605839435~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1630&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vKX5lAM9VM&p=https%3A//sattaking-sattaking.com&dtd=9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C32B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJX_QaZzn_4WLc31KM-ve38&google_cver=1&google_push=AZmPxg-pVnEts7NAdejtsF4U0AuaXff_wq61FXK0cG4KTF22FvGtY6l-A-wSRXgi5njkYmYbpT3...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMU5JV0QtRy0zWkcx&google_push=AZmPxg-pVnEts7NAdejtsF4U0AuaXff_wq61FXK0cG4KTF22FvGtY6l-A-wSRXgi5njkYmYbpT3sY3RjuMcLXzFM8QHwJeRO8pOI

170 B
188 B

44ms
44ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMU5JV0QtRy0zWkcx&google_push=AZmPxg-pVnEts7NAdejtsF4U0AuaXff_wq61FXK0cG4KTF22FvGtY6l-A-wSRXgi5njkYmYbpT3sY3RjuMcLXzFM8QHwJeRO8pOI

Requested by

Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMU5JV0QtRy0zWkcx&google_push=AZmPxg-pVnEts7NAdejtsF4U0AuaXff_wq61FXK0cG4KTF22FvGtY6l-A-wSRXgi5njkYmYbpT3sY3RjuMcLXzFM8QHwJeRO8pOI
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C32B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEC-x0gwd_mM9C6opxchPYmE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC-x0gwd_mM9C6opxchPYmE&google_hm=YyxYLYT68EvWgMvTh_8JMAAAFBMAAAAB&google_nid=index&google_push=AZmPxg-PBhkHCFefID_5c8fru5sEXoHLnqxli...

170 B
188 B

43ms
42ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC-x0gwd_mM9C6opxchPYmE&google_hm=YyxYLYT68EvWgMvTh_8JMAAAFBMAAAAB&google_nid=index&google_push=AZmPxg-PBhkHCFefID_5c8fru5sEXoHLnqxlimrM5UJWX4R48UE_uRMlNmhsmv0Be5C1DwdGkhHTdYEmPU2vuLMe7i2KZJ4sQh7f

Requested by

Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OX7YteVSp7RAEBFa%2Bps8XPhJmXxGRT6E7V%2F2XuvJ51uNl4xxst8sALB04He%2BPLVw2vpBBZabPXVww2wdCOnqp8dPeU80Ra76F9JZSTPnO%2F%2F4HN00awa2Diy5QR0T5X14%2FaA2uPuVurwl5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC-x0gwd_mM9C6opxchPYmE&google_hm=YyxYLYT68EvWgMvTh_8JMAAAFBMAAAAB&google_nid=index&google_push=AZmPxg-PBhkHCFefID_5c8fru5sEXoHLnqxlimrM5UJWX4R48UE_uRMlNmhsmv0Be5C1DwdGkhHTdYEmPU2vuLMe7i2KZJ4sQh7f
cache-control: no-cache
cf-ray: 74eb1ec0aace9b40-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C32B 0
12 B 42ms
41ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lkg-AX7j2NlL5ZzEbNOB99_8R5lML5HHesPp7FDDpWfsDZz1qucrMeI6MYfW3_NhZN3vGg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3030785721461473&output=html&h=280&adk=3178293182&adf=1548396814&pi=t.aa~a.605839435~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1663850541&rafmt=1&to=qs&pwprc=1801388429&psa=0&format=1110x280&url=https%3A%2F%2Fsattaking-sattaking.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663850541264&bpp=1&bdt=1630&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df5bf5dba913bbd83-22884cbd49d7000e%3AT%3D1663850541%3ART%3D1663850541%3AS%3DALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A&prev_fmts=0x0%2C1200x280%2C1140x280&nras=4&correlator=7696811845469&frm=20&pv=1&ga_vid=2099045252.1663850541&ga_sid=1663850541&ga_hid=1530795358&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069510%2C44773614%2C31068919&oid=2&pvsid=1836520350354165&tmod=264658541&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=vKX5lAM9VM&p=https%3A//sattaking-sattaking.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame FFF1 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220919_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 08:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 08:58:19 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-5hneknee.c.2mdn.net/videoplayback/id/7d65e9e88d643e4e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1695386542/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame FFF1
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/7d65e9e88d643e4e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1695386542/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r2---sn-5hneknee.c.2mdn.net/videoplayback/id/7d65e9e88d643e4e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1695386542/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

132ms
14ms

Fetch
video/mp4

2a00:1450:400e:8::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-5hneknee.c.2mdn.net/videoplayback/id/7d65e9e88d643e4e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1695386542/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/24E8A9B3A35A1CFDA95B1DBF55EF8226FC8F2276.2C8ABBBF004041BB3ACED9C1F7CE5166A8E91714/key/cms1/cms_redirect/yes/mh/P-/mip/2a03:1b20:6:f011::9e/mm/42/mn/sn-5hneknee/ms/onc/mt/1663848910/mv/u/mvi/2/pl/48/file/file.mp4

Requested by

Host: sattaking-sattaking.com
URL: https://sattaking-sattaking.com/

Protocol

HTTP/1.1

Server

2a00:1450:400e:8::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 12:42:22 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4923057
Last-Modified: Tue, 30 Aug 2022 16:26:25 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Thu, 22 Sep 2022 12:42:22 GMT

Redirect headers

date: Thu, 22 Sep 2022 12:42:22 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 650
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r2---sn-5hneknee.c.2mdn.net/videoplayback/id/7d65e9e88d643e4e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1695386542/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/24E8A9B3A35A1CFDA95B1DBF55EF8226FC8F2276.2C8ABBBF004041BB3ACED9C1F7CE5166A8E91714/key/cms1/cms_redirect/yes/mh/P-/mip/2a03:1b20:6:f011::9e/mm/42/mn/sn-5hneknee/ms/onc/mt/1663848910/mv/u/mvi/2/pl/48/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 78B1 23 KB
9 KB 40ms
38ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 67961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 17:49:41 GMT
expires: Thu, 21 Sep 2023 17:49:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js Show response
pagead2.googlesyndication.com/bg/ Frame 78B1 36 KB
16 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 10:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15952
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 10:58:32 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 134ms
54ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220919&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

829f58fea680d4276ec3085fbf8c4b8fe8ee5ae80b025f08dcf9a53fbf4b1a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sattaking-sattaking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 12:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11303
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 78B1 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BEEF4LlgsY43VCYXd7_UPx4OY4AcAAAAAOAHgBAI&bg=!U1ClUBTNAAZqQh0mSkI7ACkAdvg8Wpe0eG_C2DyMLifq1xcQbZZk7gkslWY1UmaxY-c4tAhgjLgu2gIAAABYUgAAAAFoAQcKAJ1Nn6hlKrUl2JbSViReDTeYbrqZM3UjlVc3q6ayj-vGeSkclvzNzQcxYsVUWYk0RdEb-J1qVcqaZqO-Lqgo1wOe1WvvY7ZhxM03p7g78EYBEc56c7C9ce8MQ4zFkCMmsj1S3E9xrRNTk-KVj7AJGRSL1VD0h_hw7WdW02Ts7toZSdawUNvKgq4jtAyNXeTerW4WUl97f5WFUEe-3WFnmQLQb1UqLhx8SyFvF42spi9lMEikv03lmexhwrUQEzM6fOE4fTMxbcnYZpcVXAu99szgzA6ZjulC2M245ltadMIe5zvnw_4peX6yTtG6I0t_mwhVnP92pDiPEvUEfnsFLaLDXxQtXy4ZGe-vvxQKC6nR5JUqPgQcnuOOAF8lqnO-USvELXZ2gz-G52_rK5389O49WpnhFFXQXAWgzJxJp1EF5GfzhiGRMd737zZ5vg5DHV5J6sZMhY_U27Zx0jdTS--hJWTw3UXezsr9NhlIi975G1Bkzv-slIl-5LS4U-Da8-TBFOmg1by_YiuSkXNej1XARxy4WFKROmdmB9I7mODbvLP6fcLg4rFIWZe_6oawrPGBZSBHCEnE52JX3lsNCVWRlP5nIYFTuk3HVxjchnCMSn3lXAFvDxq01Rvf_2pootct8poptnLvn1cCpGhT8JIT3HBT1usAM8KmciRQcr-x2Cmnn7x6d0DCQv8sOt_wiZscbGR-x_asDSFAu5pN-Dp961rRivSQWyO8URJXBWb8-zsD37iV2q-WRSCrOeUY4k8t-1EKjeyjCgrDOqhGOZBlq-65uhgUdPkQ5C8btWePlov2fOz9oZjTH_nhiR7HEuQDgm4UlvsIQTY0KrtbzizE7tFl621WMKlw0sFOuiyNmIn7nrspFVM8lubwgcGH7SnZ4nr6zXrxlQwQL7lSUWLzwjFN1l8PhrACdVXBIPiuZKppYmNh17Zjrr6urPnBVaIMMGrYWB-QKBhEb4Pf_8Cm7mxL7hDoX_901DyDl94JTzjbX-kLuXT9QVtsEMAt6hfF5jNCImuOVtJ8W6o2KuUIjcTSWPvB1q12zVo3hqcszhqZQwOzoId4lGi46DIcg8EmzHdLmxON8-FQW5jO6BEv0jvjRVXxisOf1-Li6Pmc-oSzwsuI56ySpJqWKWej16GChkx5Wt_wy-ldUjIXFGqV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r2---sn-5hneknee.c.2mdn.net/videoplayback/id/7d65e9e88d643e4e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1695386542/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame FFF1 160 KB
0 32ms
15ms Media
video/mp4 2a00:1450:400e:8::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:8::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 22 Sep 2022 12:42:22 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4923056/4923057
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4923057
expires: Thu, 22 Sep 2022 12:42:22 GMT
last-modified: Tue, 30 Aug 2022 16:26:25 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sattaking-sattaking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 12:42:22 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 40E7 13 KB
5 KB 38ms
38ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sattaking-sattaking.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3232
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 11:48:30 GMT
expires: Fri, 22 Sep 2023 11:48:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2409 783 B
535 B 48ms
47ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

24486352d94f3c126320a47ac0b5e4c7c87a1090418164019e43e84893c34daf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s665odZ9D-fRWLYt8EMr5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sattaking-sattaking.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-s665odZ9D-fRWLYt8EMr5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 12:42:22 GMT
expires: Thu, 22 Sep 2022 12:42:22 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js Show response
pagead2.googlesyndication.com/bg/ Frame 40E7 36 KB
16 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 10:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15952
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 10:58:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2409 0
0 73ms
72ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220919&jk=1836520350354165&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 27B8 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVU1OKHXwtYGG0RUPZ896IL9X705cBsmUgnMDPo25WkYHTPWV7W4aXS0S3YUYpG_xszmgUclxhcB5d9l7RRB2qYtS-feKjk48qwaVTjSFyEm3UBXNc-UwXbICgDF8-Lub8S2SPfA&sai=AMfl-YQjxAyrYdY5emfZwRbvyW7UEO2oMCCckpkbLw_p7yuC23NyM1ICHdx5u_rNHXFt8EH9-Z8NWa_sD1RK&sig=Cg0ArKJSzMtZvZeIIguVEAE&id=lidar2&mcvt=1002&p=0,0,280,1200&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220919&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2607616022&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663850540960&rpt=815&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 40E7 0
10 B 40ms
37ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?LpiyTg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:42:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 csi
csi.gstatic.com/ Frame FFF1 0
17 B 74ms
32ms Ping
image/gif 2a00:1450:4009:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l8d1nita&c=8044471408370&slotId=4022235704185&qqid=CMvM5aO2qPoCFQTZ7QodEdgCYw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=926&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=11&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220919_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:815::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:42:23 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 78ms
77ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220919&jk=1836520350354165&bg=!xMelx4PNAAZqQh0mSkI7ACkAdvg8WjvMMTwtEhsP5YVVe6VG3gRL3fU0u9Qkx4y5s7JrtksNay524gIAAABxUgAAAAdoAQcKADhOIslfGdJC8ZeXHzcV3EYU2Bly8g05UOYLx7mvTQBfY-KqhAFb1GNxrzJgR48V-AoK71UAbfNQu5kCrM3o1V9UoUJ27T-pJMbG0hipGBaCmtg4ehNruMCL5XNs4umbXXvHyqA6EG5TdtXQHT3tQi_1o4xC4Du_UhhyqMHuhrVmy2sMcD_LFTm35ITWkHjUcK5NsZsHZph6zlwhBJYMkZuzAQsyVFw8uvjJPJCWcxF8M5gOQjvuXOuAB13z0oleOsmrnUKgrJdz7IJ5cUc_S0Q7dtYspSGQ_X9yt9H8NIiQTkcwMeDEdF1oUFRPIH-82JaMwk6EjvY8olLDIzM8yEGLUe0J7lQv5SCzc6k9_Br48csQDrfcVj8cyUH3faD0A9dGEUqESm1znSR11FgJePE5MshTSEM6BfgAZizOirbYI-t393vBSDdIJlGmt8_N3LXgXxemGFz7hr-iQEgq4xpdZayYyO9Ex8Fw7mnNvtsYcJ5Yzk-ZhJNBdS1c3wZAgocaWpEdsl_ZKyiF7wWR6OIVN4RQDHs-9LoWslZzgY-YFTeQrfRBm1T7JPSygTrKB_i474_wx-NOMFvLBRRBEzIhH9idVWxnMhjpLqA-8wjvXT2cZ7rHFx0v-Jn2vi3_BtCGb7v-6dQZ9h2EAFG7tppyZBnCDQhlb-jmSNeR4jUObYgFPBAMI9sIBfHOx31oJEYuYJDuJXyBKIQo8fD-eQs1Q5uMkD6rRw6Ea8KqHWrlLRTUwRiTG1EEonpZAg1K0ywjaOTl4xXbeaZDufdz8axEQ8B7MuqiA_MaJlY0UH45fg5XuxFJadCcPYDZdZL-im0AOcqfy4X2smEbCaKFQUCiL8LWq6sVSUGduFjlrOea_jOni9OqV8WgKHpU6wOW75M0V29_lKRVnG9XMpcQ8HJ7hMhzrcWe0wdublkcPQVjqKrQhTrrHUmVKkdltOiKFozsWSUdYqMg8RRD83wsKmk4sWNR1NRQLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sattaking-sattaking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEEGyZ3GY5W14h4tnN8mw0aI&google_cver=1&google_push=AZmPxg-4rX4qQV4jl28XSLl0U-TUr8WMuGvsT6nnradxGq3Hbd0ZrsecReipCuuXQykIPfJrcG4x-AalWsqdMlPIiybmHuavF6ugCS0

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sattaking-sattaking.com/	1970-01-20 15:46:50	Name: _ga_G5QXZYPG27 Value: GS1.1.1663850540.1.0.1663850540.0.0.0
.sattaking-sattaking.com/	1970-01-20 15:46:50	Name: _ga Value: GA1.1.2099045252.1663850541
.sattaking-sattaking.com/	1970-01-20 15:32:26	Name: __gads Value: ID=f5bf5dba913bbd83-22884cbd49d7000e:T=1663850541:RT=1663850541:S=ALNI_MbxjB3Ezjfqk_Ef5B2PPqFvef9e6A
.doubleclick.net/	1970-01-20 15:32:26	Name: IDE Value: AHWqTUkZb0jHYh3HnxvpA0bKWAWSmFi8qkN0vlWBGQXTgaXpN_oA9cbsbbha-ECB8Ds
.quantserve.com/	1970-01-20 08:20:26	Name: d Value: ECsBCQGUJ4EA
.quantserve.com/	1970-01-20 15:41:04	Name: mc Value: 632c582d-e9d7c-f6740-42b85
.casalemedia.com/	1970-01-20 14:56:26	Name: CMID Value: YyxYLYT68EvWgMvTh-8JMAAA
.casalemedia.com/	1970-01-20 08:20:26	Name: CMPS Value: 5139
.casalemedia.com/	1970-01-20 08:20:26	Name: CMPRO Value: 5139
.agkn.com/	1970-01-20 14:56:26	Name: ab Value: 0001%3AkjVOwCmfJ5uhITfYQWjN1C32Lgk16NIE
.agkn.com/	1970-01-20 14:56:26	Name: u Value: C\|0CEAqvxSuKr8UrgAAAAAAAQ13AQCAAQpAAAAAAA
.casalemedia.com/	1970-01-20 08:20:26	Name: CMTS Value: 1188
.e.dlx.addthis.com/	1970-01-20 15:41:04	Name: na_tc Value: Y
.addthis.com/	1970-01-20 15:41:04	Name: na_id Value: 2022092212422200010810239937
.addthis.com/	1970-01-20 15:41:04	Name: na_tc Value: Y
.addthis.com/	1970-01-20 15:41:04	Name: uid Value: 632c582eb50a0f50
.addthis.com/	1970-01-20 15:41:04	Name: ouid Value: 632c582e00015cc279a7c562f011cc661c22b1a4c243b4932cdd
.dlx.addthis.com/	1970-01-20 06:54:02	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 06:54:02	Name: na_sr Value: 20220922
.dlx.addthis.com/	1970-01-20 06:10:50	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 06:54:02	Name: na_sc_e Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEEGyZ3GY5W14h4tnN8mw0aI&google_cver=1&google_push=AZmPxg-4rX4qQV4jl28XSLl0U-TUr8WMuGvsT6nnradxGq3Hbd0ZrsecReipCuuXQykIPfJrcG4x-AalWsqdMlPIiybmHuavF6ugCS0 Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg-vuLqC5ndodcCb_SQJ79nC4RVqHCQ4Y3CeUyiGYHIsCxvACl6Pv9t0pAdnrgdzP2fCQ0Z80VmEmZL1zejJRH4JB1-Zq-m0Fw&google_gid=CAESEFsJ1R9CL4ERnR0OXb5HEGQ&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg93PNOeFZ-gQizY6HiE_n9bp7-GsKcDBCvnKTR2pN7a2X5QSCghUis0MAx1M3ZlZHOWR_HA72N0C4IU6hfUZZeWNkIrJhDY&google_gid=CAESECBCRDBHIT3QlAPwt7FeDcg&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bid.g.doubleclick.net
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
d.agkn.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
imasdk.googleapis.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
r2---sn-5hneknee.c.2mdn.net
region1.google-analytics.com
rtb.openx.net
sattaking-sattaking.com
sattakingu.in
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.18.19.126
104.96.159.57
142.250.102.154
142.250.185.66
142.251.39.34
185.64.190.78
2001:4860:4802:34::36
2606:4700:3031::6815:4194
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:801::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:4009:815::2003
2a00:1450:400c:c04::5f
2a00:1450:400d:807::2002
2a00:1450:400d:80a::2002
2a00:1450:400d:80c::2003
2a00:1450:400e:80e::200a
2a00:1450:400e:8::7
2a06:98c1:3120::3
3.123.239.111
34.98.67.61
35.227.252.103
35.244.174.68
69.173.144.138
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
147e68f9f00d850b17ac7e12dfac6781a39219689e417427a5f575c364567f93
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fad147171c29106bbb5edc9af05b085d49650b8cc0002298e6230e99e648013
24486352d94f3c126320a47ac0b5e4c7c87a1090418164019e43e84893c34daf
2cc03f558834fce9af1439acc2e843f939e025d2fe9fb1404eee1419b8646888
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
3856b448be437068ea56f663b1da757f614882d06c60cf57944eb74786a2d4eb
423a41a41568dce3d3f9e1038dc20e4decbdd94f784cd23531a03fdda2aa6551
4356e13cdfd346a23ca693bcd5c7c74c84a7a1d51b1112f8b5ce5e328532ccb2
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
472932af17e2a10b4bac7196189a8065b1259e8da82e789a1868b8264d063e61
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5f5e42c336d96494b1f41cb533a09ef917ad1fe0386d81fa148437f83929e6e4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6482a29157bc3f0eb9b651f75cb82f169a759c2cbf8d6de00c3a8147e7e2f89f
663c87d479e636e933b1d850955aa5328a5c54dc77bd3741ee83f26c65f8fd16
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6ab43bed44f903bbaffd278fcda9fc2f89ee6ffbad362702d9abdef13e1f232f
6c028e77c0875fefb3af8bf7683bf14fea4d880a00363b6992b0bd9b10860264
710b7af1dd5786f07505d798494d75a19f0323a86cb767125466ed8a46c09ba0
79fdfa1b990930a7eb9c64b4cdd3788c5bdb716fff312e02327858e7e8f64ef6
7c2fb2f53f28ddfc9fe690f62f03a79f9a8cda371bb1dc025b02495bc61d2966
80197e169a0babe74f13fa4fc4e33a2c0895b11581b2229461607476ad44b155
824a9d9843640ecfecb8a65c0634d1e434e1e1734a627ee3b61a8865a77b51d8
829f58fea680d4276ec3085fbf8c4b8fe8ee5ae80b025f08dcf9a53fbf4b1a15
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
941d8d302349cc131d0ebf5a19ac1c9cddeb6e554dbf4db79511972b388ac521
94a957bcb3fe55f62137039469d1ff8b8ce07598f8cc113a124cc76c0220dfa6
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f72488eb57c46dc4f5847c562159e5b6ced071739864a8c8a1105812f8bb917
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
af761b25db49b35d3d63d3a9ec09977f4e825a52cc5619b453d37ecfccb6bd77
c6ecaf021fa8ca851888abbf381816b683c00213c29bb9316cd97750ccec5dab
d2b5abd66d49a9630fcb1d4759b66f304c053de2bb2de41ba0fc9f131e0072f2
d2fd3d95f54e2c65d65678ac3e7dad478f6503f5b9ff4ce1dce4456ea27de1be
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dbe925bb4b63f87770d463ad2220a1be1e4553c620aa2689c3aea0308d202f8a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6480171803c66741b9d13c44e06e9817bb8f51479574044d5226cb2dc28a897
e6a1e1802d19e40b456badc38e9d8fbe5e8aae7c931d64221749ad3024e01b9b
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e704073c7975eab6279392e749b96b26c5b57b997aece05fff39ed21b7be5b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa0c58d8bca74bd3b4a30b06c12986f0fefe6d2ab46bd38f8bad24ba678523c3
facba401b86077d880fd1b0db3f635f5dc61c135fd4e7ab8dfcc9c28562b2889
fd7df9746bba2caee2fd0abcb8f83ff6db76199f8fc50c6ff213f2c705a12460

sattaking-sattaking.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

120 Requests

90 %HTTPS

63 %IPv6

23 Domains

31 Subdomains

25 IPs

7 Countries

1282 kBTransfer

3354 kBSize

21 Cookies

2 Outgoing links

Page URL History

Redirected requests

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sattaking-sattaking.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

120
Requests

90 %
HTTPS

63 %
IPv6

23
Domains

31
Subdomains

25
IPs

7
Countries

1282 kB
Transfer

3354 kB
Size

21
Cookies

120 HTTP transactions
10 data transactions