officiallysp.net Open in urlscan Pro
2606:50c0:8002::153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://officiallysp.net/
Effective URL:
https://officiallysp.net/
Submission: On January 10 via api (January 10th 2024, 11:20:39 am UTC) from US — Scanned from DE

Summary HTTP 174 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 35 IPs in 5 countries across 24 domains to perform 174 HTTP transactions. The main IP is 2606:50c0:8002::153, located in United States and belongs to FASTLY, US. The main domain is officiallysp.net.
TLS certificate: Issued by R3 on December 31st 2023. Valid for: 3 months.

This is the only time officiallysp.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	2606:50c0:800... 2606:50c0:8002::153	54113 (FASTLY) (FASTLY)
3	2606:4700:20:... 2606:4700:20::681a:c1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e0:... 2606:4700:e0::ac40:6a17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	140.82.121.4 140.82.121.4	36459 (GITHUB) (GITHUB)
1	2606:50c0:800... 2606:50c0:8003::154	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
9 12	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
6 12	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 9	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	108.128.112.35 108.128.112.35	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
8	88.99.219.174 88.99.219.174	24940 (HETZNER-AS) (HETZNER-AS)
1 4	88.99.165.19 88.99.165.19	24940 (HETZNER-AS) (HETZNER-AS)
1 4	144.76.104.53 144.76.104.53	24940 (HETZNER-AS) (HETZNER-AS)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2600:9000:223... 2600:9000:223f:8800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:1f13:800... 2600:1f13:800:7780:2a52:f7b8:c3aa:b2c1	16509 (AMAZON-02) (AMAZON-02)
6	91.121.248.44 91.121.248.44	() ()
2	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	23.56.205.163 23.56.205.163	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
2	18.132.155.94 18.132.155.94	() ()
2 4	142.250.186.70 142.250.186.70	() ()
2	18.66.147.41 18.66.147.41	() ()
2	99.86.4.94 99.86.4.94	() ()
2	2a00:1450:400... 2a00:1450:4001:810::2002	() ()
2	13.42.80.79 13.42.80.79	() ()
174	35

4 2606:50c0:8002::153 (United States) 1 redirects

ASN54113 (FASTLY, US)

officiallysp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:c1c (United States)

ASN13335 (CLOUDFLARENET, US)

demos.creative-tim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e0::ac40:6a17 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 140.82.121.4 (Frankfurt am Main, Germany) 2 redirects

ASN36459 (GITHUB, US)
PTR: lb-140-82-121-4-fra.github.com

github.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8003::154 (United States)

ASN54113 (FASTLY, US)

raw.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.226 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.18.36.155 (None, ) 6 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.252.172.123 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.112.35 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-112-35.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 88.99.219.174 (Ahnsbeck, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.99.165.19 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de

hal900028.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.104.53 (Bad Bellingen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de

hal900022.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:8800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f13:800:7780:2a52:f7b8:c3aa:b2c1 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 91.121.248.44 (None, )

ASN- ()

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.56.205.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.132.155.94 (None, )

ASN- ()

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.70 (None, ) 2 redirects

ASN- ()

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.41 (None, )

ASN- ()

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.94 (None, )

ASN- ()

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (None, )

ASN- ()

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.42.80.79 (None, )

ASN- ()

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	581 KB
32	doubleclick.net 11 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 338 ad.doubleclick.net — Cisco Umbrella Rank: 199 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 677 5994599.fls.doubleclick.net	166 KB
16	redintelligence.net 2 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 47118 hal900028.redintelligence.net — Cisco Umbrella Rank: 544669 hal900022.redintelligence.net — Cisco Umbrella Rank: 316061	92 KB
12	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194	7 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1241 static.adsafeprotected.com — Cisco Umbrella Rank: 988 dt.adsafeprotected.com — Cisco Umbrella Rank: 933	106 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 407	102 KB
9	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 356	8 KB
6	medialead.de pv.medialead.de	2 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	94 KB
5	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 3594 ka-f.fontawesome.com — Cisco Umbrella Rank: 7350	99 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	5 KB
4	webgains.io analytics.webgains.io api.webgains.io Failed	38 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	309 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	260 KB
4	officiallysp.net 1 redirects officiallysp.net	60 KB
3	creative-tim.com demos.creative-tim.com	57 KB
2	google.com adservice.google.com www.google.com Failed	508 B
2	webgains.team cdn.track.production.webgains.team	4 KB
2	webgains.com track.webgains.com	4 KB
2	awin1.com www.awin1.com — Cisco Umbrella Rank: 15485	1 KB
2	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 340274	2 KB
2	github.com 2 redirects github.com — Cisco Umbrella Rank: 2566	6 KB
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 1261	569 B
1	githubusercontent.com raw.githubusercontent.com — Cisco Umbrella Rank: 3460	132 KB
174	24

	Domain	Requested by
28	pagead2.googlesyndication.com	officiallysp.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
20	tpc.googlesyndication.com	googleads.g.doubleclick.net officiallysp.net tpc.googlesyndication.com pagead2.googlesyndication.com
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
12	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com officiallysp.net
10	s0.2mdn.net	officiallysp.net s0.2mdn.net googleads.g.doubleclick.net
9	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
8	hal9000.redintelligence.net	googleads.g.doubleclick.net hal900028.redintelligence.net hal900022.redintelligence.net
6	pv.medialead.de	hal900028.redintelligence.net hal900022.redintelligence.net
6	dt.adsafeprotected.com	googleads.g.doubleclick.net officiallysp.net
5	fonts.googleapis.com	officiallysp.net googleads.g.doubleclick.net hal900028.redintelligence.net hal900022.redintelligence.net
4	5994599.fls.doubleclick.net	2 redirects googleads.g.doubleclick.net
4	www.googletagmanager.com	adv.office-partner.de www.googletagmanager.com
4	hal900022.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900022.redintelligence.net
4	hal900028.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900028.redintelligence.net
4	www.googletagservices.com	officiallysp.net googleads.g.doubleclick.net
4	ka-f.fontawesome.com	kit.fontawesome.com officiallysp.net
4	officiallysp.net	1 redirects officiallysp.net
3	static.adsafeprotected.com	fw.adsafeprotected.com googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	demos.creative-tim.com	officiallysp.net
2	api.webgains.io	analytics.webgains.io
2	adservice.google.com	5994599.fls.doubleclick.net
2	cdn.track.production.webgains.team	googleads.g.doubleclick.net
2	analytics.webgains.io	track.webgains.com
2	track.webgains.com	googleads.g.doubleclick.net
2	www.awin1.com	hal900028.redintelligence.net hal900022.redintelligence.net
2	adv.office-partner.de	hal900028.redintelligence.net hal900022.redintelligence.net
2	googleads4.g.doubleclick.net	officiallysp.net
2	ad.doubleclick.net	googleads.g.doubleclick.net
2	fw.adsafeprotected.com	1 redirects officiallysp.net
2	github.com	2 redirects
1	tags.bluekai.com	googleads.g.doubleclick.net
1	raw.githubusercontent.com	officiallysp.net
1	kit.fontawesome.com	officiallysp.net
0	www.google.com Failed	tpc.googlesyndication.com
174	37

This site contains links to these domains. Also see Links.

Domain
youtube.com
twitch.tv
twitter.com
github.com
open.spotify.com

Subject Issuer	Validity	Valid
officiallysp.net R3	`2023-12-31` - `2024-03-30`	3 months	crt.sh
creative-tim.com Cloudflare Inc ECC CA-3	`2023-03-31` - `2024-03-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2024-01-06` - `2024-04-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
redintelligence.net R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
adv.office-partner.de R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-10` - `2025-01-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 30 frames:

Primary Page: https://officiallysp.net/
Frame ID: 65467D4A0F331F085295B5AE0111D1BB
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20190131/zrt_lookup_fy2021.html
Frame ID: 1691FD7328D60690CC4DDFDBC8F7F7CE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1548903334937961&output=html&adk=1812271804&adf=3025194257&lmt=1704750271&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fofficiallysp.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704885632721&bpp=5&bdt=620&idt=208&shv=r20240108&mjsv=m202401040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4196197065856&frm=20&pv=2&ga_vid=1454615404.1704885633&ga_sid=1704885633&ga_hid=1823294991&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080263%2C31080265%2C44798934%2C31080236%2C44807406%2C95320376%2C95320868&oid=2&pvsid=544363262032322&tmod=1363589865&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=223
Frame ID: 0DF3B065D140A0FBD53F3388F4616A80
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 24D2C7EE126E74D1C8534498C74369B7
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: D8DDD644848E2B8507BA196BB84D3DD7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 30A7B757013AED9AB073BA2EB10BA1A0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 7C239131187E2AF5EC33A661BD1C72EC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNWB4FrYaaY28ZxaxE5C83JJ_TS8z8yYofbgDzhX95F37Bf9Y_rUSa3_gq7PV35TzNQbFeLDV3Y_VddOiq4--bZAZzCmALZfNjUta4fp3kYOpXb9b83h7Re9W2BQuwj9QRAgDVJAZqOKtb5XYWF6MnHt_fleGkYMf4JCsBRnzEnIfl4gfM8
Frame ID: 7602639073EABA120F4DE67C2D5D40EF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: BD033AA95A97C77019F716378F82858D
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNW4MD61oWub0_uJQ-4ZQdUi7PoPzEuU19b3OIlfwlUsh-6kVOnvsuXNKAbKwBl4E23tmmDaG6-H_Q9Nsl5hUSjemh3tqc38DpUwaYjCeJ_UPt4eNjWxT5JScxPnSG9-mSZp3w7n58nhDxCQ1jSzluo2z8-N4MqSESPpNe6fVQAEfMggOx0
Frame ID: 4B53DE3122D76645BAD44CB6D9DEA605
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 708594B97163673A082297814E4371E2
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNOvnYICMAE&v=APEucNW3LFZvCD2EJQt6bjyDeyK_URW9toDLO1LDekm6HWAdAXspuepWweWJu2NdbH1evYRWxpdn7dBgm7X8ERKh1WrLT4vqkFReJVzdiGCHovJ21UwvVl57-q6xcmZXbvuaGlJZY6xJqI4RhXb2lnF32a12lmNDDa4S8P_3S4xzLOWKJQEe7as
Frame ID: 738AA408DE00CE19A17D4F8618682BB5
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 4A32C1DF107A47260F34FB5CBBF5654A
Requests: 27 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: F8D07E00CEBE995FC07A5BC8F9F5D11A
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js
Frame ID: 4EB5784051126BDBE75AA9665295B63C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7C1062ADE88FA525D1955B5AE61FE004
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B8E53032371D935F489CC35FDE7CB6F1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2F4007A00A0B701726F254FED8054A94
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/index.html?ev=01_250
Frame ID: FDF7FD3EBD05E8D4A10C337A72DC0C3A
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: FCF7150F7E8A61DAF1CD3C063DBF03D9
Requests: 1 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=13895000073631704444552012565028&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 504E85D36093E8BACB15A434317FF902
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 79F56E1D852B74C756B9C6CBFAE4489F
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=11902600070464804444552012565022&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 06E37C61883C0910DCA4455189F6DDDC
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 5C5CC98FA86D6AB792DB9F47B44BDE1F
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_55PbZ0oMDFUoaogMdDpQBHA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4851338163538.3545
Frame ID: D3C774C2AA9C35006033CFD5C90E6707
Requests: 2 HTTP requests in this frame

Frame: https://hal900028.redintelligence.net/request_content.php?s=13895000073631704444552012565028&a=b66ab01e
Frame ID: D8A6DEA50DD2AB6FD04709A7D2745B65
Requests: 6 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMr05PbZ0oMDFYwQogMdQ1ELEQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5244337849138.683
Frame ID: 0ECD72097DC6664332677C651B0B8B51
Requests: 2 HTTP requests in this frame

Frame: https://hal900022.redintelligence.net/request_content.php?s=11902600070464804444552012565022&a=d1927429
Frame ID: 7D4F667BE06C1517D8621345B5815F42
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 994CF6EA5BAB1A4B41150C77A22DE52A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7B393B722C71AB080BA4092A6F7ADDA3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

officiallysp.net

Page URL History Show full URLs

http://officiallysp.net/ HTTP 301
https://officiallysp.net/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

174
Requests

85 %
HTTPS

49 %
IPv6

24
Domains

37
Subdomains

35
IPs

5
Countries

2113 kB
Transfer

6027 kB
Size

18
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://youtube.com/officiallysp

Search URL Search Domain Scan URL

URL: https://twitch.tv/officiallysp

Search URL Search Domain Scan URL

URL: https://twitter.com/officiallysp777

Search URL Search Domain Scan URL

URL: https://github.com/OfficiallySp

Search URL Search Domain Scan URL

URL: https://open.spotify.com/artist/3bCTMHv6VSXZeEeSyLVpek

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://officiallysp.net/ HTTP 301
https://officiallysp.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://github.com/OfficiallySp/officiallysp.github.io/blob/main/assets/img/curved-images/curved-10.jpg?raw=true HTTP 302
https://github.com/OfficiallySp/officiallysp.github.io/raw/main/assets/img/curved-images/curved-10.jpg HTTP 302
https://raw.githubusercontent.com/OfficiallySp/officiallysp.github.io/main/assets/img/curved-images/curved-10.jpg

Request Chain 52

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELg-IvW4qA4OIAzTwgbm1Mo&google_cver=1

Request Chain 53

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ59glgYbi50pZA5yc067QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRbYqLf2d0J3-eWtrUkcZw&google_cver=1

Request Chain 54

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECl919MoVz7Q_KpiP360vm4&google_cver=1

Request Chain 55

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY2NDQ0MjIxNTUwMTA0NzU5Ng%3D%3D

Request Chain 56

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIrS8niyziGN0nnAtDY_jIg&google_cver=1

Request Chain 57

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ59glgYbi50pZA5yc067QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRbYqLf2d0J3-eWtrUkcZw&google_cver=1

Request Chain 58

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEedCAAFjaNmUoXVHezqqV4&google_cver=1

Request Chain 59

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY2NDQ0MjIxNTUwMTA0NzU5Ng%3D%3D

Request Chain 60

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRbYqLf2d0J3-eWtrUkcZw&google_cver=1

Request Chain 61

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ59glgYbi50pZA5yc067QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRbYqLf2d0J3-eWtrUkcZw&google_cver=1

Request Chain 62

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENjsnuRyCke4HoGeO31JUpY&google_cver=1

Request Chain 63

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY2NDQ0MjIxNTUwMTA0NzU5Ng%3D%3D

Request Chain 92

https://hal900028.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=0cedae43ed&subid=&uid=84400c571b7fe41b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClP2lgX2eZcLsApjO_tMPmN-F8Aym5b2gae2NnKfJD_AuEAEgkLfUQmCVgoCAoAfIAQmpAkqBKeZfXLI-qAMByAObBKoE9AFP0FSgFegVrq4-nHDfnYh6HYlgvMUdOABBAKzQWiy9DRB6e5Hq_l-v9i3lf9KGFhoK-vyI7xJk4N6Hwa9DD-p5hnX32MAlBg9ZMfKqeybIhvoQgGhkyJXdKjVvdyAIGsUhlDWjU7Eu3qBai7SIJV_zZKiRIKHVVgUzEpEvep8BY0rAiz2FRae06uCQB3Y7D5MmaJlDSGxgfAF0vduQfTIfk-4PaTzZYQbPpV9wd0Cqx54CvOXzuwSafiAsudjjttuHWvOgbtRDZNedurSO4mWjGiLXFMGOawh8eojv81gNP1N0OHXT4pqdLSt7szT3nq6BxJ4ewATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLnJpPTZ0oMDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ%26sig%3DAOD64_0ME7zparzw5Chql0eK-R5DKk2qQw%26client%3Dca-pub-1548903334937961%26dbm_c%3DAKAmf-A6TfwwqzpadNwFY2m7uLXSUMswQbNOz-TXLgQD5GylyCC6TrJBBJc34nuEWLWRgrTbUmCK0wDtgKoSqMl_rT6Se-UiAlfpdu0CsSxTBCEU7xOQHP19e1l7MjR9618kKmBycupoCDCaJpRwcc4MO31DmZAsz3uW9n2fxacr7o78ZJF3hkvdIKUa6vdg4sVbCI1cJt_qcQ54nx-4O5sifymHEO18hg%26cry%3D1%26dbm_d%3DAKAmf-BNGeVmFRLY-P5Eh3bdmHWR3AeU921okuP8_KLvvptTum--bDumh37VLsngLurpQm6uOu3YA2pmh7niu-RIY86Z2BVhLTexfuLm0zd1iUBkI--xlkaxqeUSPvtPUmwSzTOk18_iieLYd5Qv_lJhokgg7fmKEsqEstzaWpTPBKF8wwmFe9E_5eee94jWhrT40EcnpVNJCfY97jETVeGf5qiBsLXsMOWiS4VK44vUi-jXmEcpjDR4mmGlCGyt0VquWjbuwLK6E7MxY1jMgyug83HOphTFbkz3PLyt9uuHotSuhFyI0EAfudRYDCI21gun4IM6mgF2qZmlDyeYfBCgHAp1hkOxSn651NcQF2XaMY5EjqhYwEkMuQU08XvSFl2kGalabzTViVunu78Nvjss0lQp8EQuUelqXH_3MVyuM5eRuC8ZyaPZw_0Zo4chEHL3AIVrFDOhY-lNO8veDWYhfK1LhM9gKDwUE7fKkR7ZOwYjO0h76lywYSmgzEp6bM9tbHb40ZjBNRvfx-6zH0eXu04a0CL6IwrurGcxedDhERZqqkifTKUYk-xLruCg2kXrQs9mJDW2tGuVZqmdChgz-b6qijntBQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240108%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-1548903334937961%26fa%3D3%26ifi%3D3%26uci%3Da!3%26btvi%3D1&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fofficiallysp.net&random=7026313656022&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal900028.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=0cedae43ed&subid=&uid=84400c571b7fe41b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClP2lgX2eZcLsApjO_tMPmN-F8Aym5b2gae2NnKfJD_AuEAEgkLfUQmCVgoCAoAfIAQmpAkqBKeZfXLI-qAMByAObBKoE9AFP0FSgFegVrq4-nHDfnYh6HYlgvMUdOABBAKzQWiy9DRB6e5Hq_l-v9i3lf9KGFhoK-vyI7xJk4N6Hwa9DD-p5hnX32MAlBg9ZMfKqeybIhvoQgGhkyJXdKjVvdyAIGsUhlDWjU7Eu3qBai7SIJV_zZKiRIKHVVgUzEpEvep8BY0rAiz2FRae06uCQB3Y7D5MmaJlDSGxgfAF0vduQfTIfk-4PaTzZYQbPpV9wd0Cqx54CvOXzuwSafiAsudjjttuHWvOgbtRDZNedurSO4mWjGiLXFMGOawh8eojv81gNP1N0OHXT4pqdLSt7szT3nq6BxJ4ewATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLnJpPTZ0oMDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ%26sig%3DAOD64_0ME7zparzw5Chql0eK-R5DKk2qQw%26client%3Dca-pub-1548903334937961%26dbm_c%3DAKAmf-A6TfwwqzpadNwFY2m7uLXSUMswQbNOz-TXLgQD5GylyCC6TrJBBJc34nuEWLWRgrTbUmCK0wDtgKoSqMl_rT6Se-UiAlfpdu0CsSxTBCEU7xOQHP19e1l7MjR9618kKmBycupoCDCaJpRwcc4MO31DmZAsz3uW9n2fxacr7o78ZJF3hkvdIKUa6vdg4sVbCI1cJt_qcQ54nx-4O5sifymHEO18hg%26cry%3D1%26dbm_d%3DAKAmf-BNGeVmFRLY-P5Eh3bdmHWR3AeU921okuP8_KLvvptTum--bDumh37VLsngLurpQm6uOu3YA2pmh7niu-RIY86Z2BVhLTexfuLm0zd1iUBkI--xlkaxqeUSPvtPUmwSzTOk18_iieLYd5Qv_lJhokgg7fmKEsqEstzaWpTPBKF8wwmFe9E_5eee94jWhrT40EcnpVNJCfY97jETVeGf5qiBsLXsMOWiS4VK44vUi-jXmEcpjDR4mmGlCGyt0VquWjbuwLK6E7MxY1jMgyug83HOphTFbkz3PLyt9uuHotSuhFyI0EAfudRYDCI21gun4IM6mgF2qZmlDyeYfBCgHAp1hkOxSn651NcQF2XaMY5EjqhYwEkMuQU08XvSFl2kGalabzTViVunu78Nvjss0lQp8EQuUelqXH_3MVyuM5eRuC8ZyaPZw_0Zo4chEHL3AIVrFDOhY-lNO8veDWYhfK1LhM9gKDwUE7fKkR7ZOwYjO0h76lywYSmgzEp6bM9tbHb40ZjBNRvfx-6zH0eXu04a0CL6IwrurGcxedDhERZqqkifTKUYk-xLruCg2kXrQs9mJDW2tGuVZqmdChgz-b6qijntBQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240108%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-1548903334937961%26fa%3D3%26ifi%3D3%26uci%3Da!3%26btvi%3D1&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fofficiallysp.net&random=7026313656022&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 93

https://hal900022.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=c8e49737d4&subid=&uid=89dac85929e66397&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgdE2gX2eZcPsApjO_tMPmN-F8Aym5b2gae2NnKfJD_AuEAEgkLfUQmCVgoCAoAfIAQmpAkqBKeZfXLI-qAMByAObBKoE9AFP0AZa3OzPSA1U1LkHrw7J4eLGvY3ZqL2d6v36vHIYJIdIqeJlecGQ9lhpMQxQ73n2Z6om2GQnyqwKPjwm6AFdM_RSK9x3f6Ub3mc3L9l6yGG1P8nSAevlQbyk7TLmmU0S-h0c-VDnWAfXL8ObVb31FzwOwxkHVWPLp2u36U1HbX4MzsYmtzHRbhCWmpiNHIam7W7yNra4GLZ_Vd5aHZ990v9uWsQDJAtNEPSCaCq2AYNGIf26WLawvfwq2ilZYW0wv4J445cGPS5rivvrUoNQuEnxD2DeSsoaGHiQAfrm5jDyXD36OgvWbA8M39DSYyweFn4fwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLnJpPTZ0oMDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ%26sig%3DAOD64_14RiN9QBpisNYXaQzGokRDWImJBQ%26client%3Dca-pub-1548903334937961%26dbm_c%3DAKAmf-DeywdOyoB6zDCgz95qHOh6uSGxXP1HgIzPp30U80tPN4LS8i6h1B5ZYDJeBMSSj9MQ3zlI4-3pxYUKM5H6GfqtmZp7DZqeNGr82y3KVvX9ofSw0QV92YHDK4tky8Ao2kdChYEBhnzhVsmYeJ9Y0Jcwws4DfvKR0iEkEyX7Fr9egFT5PBvMI-ulN0svkCbax9OOoEIs-B8HYHxn7_pQ9-ZYI4fn9w%26cry%3D1%26dbm_d%3DAKAmf-BDe1aTCy5d6U9mlG4KABu1hGtj9QIcAzbDsaHeEnrgB6XDgI7Nt5QomeSk288HDhKFfULEpp4g3sIoXebqD7x2IS_FSTm6vB6pZKn1kdkj4yrsu25XNwBS6Dxx_f-RLB4cnfcGjuvux-UlI0MTxcZE6t_gviT27fFfyRHS1PJp_B45VEkUpFJyXz_nKt6DDHkUsk7JGRo1MNFRzjd4r9jbgEySUB9CNbZhNzznMJRbXA0gbvvtn-ivZ0IX_1g8MxRmkKVCZucCd6ccIlamqk66O2QyJ0qpUxh_QX4EerK5Opnyy1sirgN-KE3yMagzTZtEZ0zy5rMa7EC5T5Iuc3B7XD-cgS26QHvZRfbI-ZauIpjvV41jR8t6QlIVoaxHNzkUixocrHTcDq06PTSMNBiCr4bnnSl9jOpyQ-dIPoINM0-oo099ECLOFCdfcYkiB_aLVvTOXnvhpT9I4eWVfMLvQVmFdPJjybW-WErdfTOet2xnYC06yhsFRf_bqeqnCd7MsQiZWdYOeoW2NAAhfnL-8VPNLw9W3TbK4fZq2JH8Aq9hq3XU9_VbK3WuW6q0kwFiWFhXSAQDLSJ5sgQFdJOnyeQhCQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240108%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-1548903334937961%26fa%3D4%26ifi%3D4%26uci%3Da!4%26btvi%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fofficiallysp.net&random=9640565029339&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal900022.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=c8e49737d4&subid=&uid=89dac85929e66397&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgdE2gX2eZcPsApjO_tMPmN-F8Aym5b2gae2NnKfJD_AuEAEgkLfUQmCVgoCAoAfIAQmpAkqBKeZfXLI-qAMByAObBKoE9AFP0AZa3OzPSA1U1LkHrw7J4eLGvY3ZqL2d6v36vHIYJIdIqeJlecGQ9lhpMQxQ73n2Z6om2GQnyqwKPjwm6AFdM_RSK9x3f6Ub3mc3L9l6yGG1P8nSAevlQbyk7TLmmU0S-h0c-VDnWAfXL8ObVb31FzwOwxkHVWPLp2u36U1HbX4MzsYmtzHRbhCWmpiNHIam7W7yNra4GLZ_Vd5aHZ990v9uWsQDJAtNEPSCaCq2AYNGIf26WLawvfwq2ilZYW0wv4J445cGPS5rivvrUoNQuEnxD2DeSsoaGHiQAfrm5jDyXD36OgvWbA8M39DSYyweFn4fwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLnJpPTZ0oMDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ%26sig%3DAOD64_14RiN9QBpisNYXaQzGokRDWImJBQ%26client%3Dca-pub-1548903334937961%26dbm_c%3DAKAmf-DeywdOyoB6zDCgz95qHOh6uSGxXP1HgIzPp30U80tPN4LS8i6h1B5ZYDJeBMSSj9MQ3zlI4-3pxYUKM5H6GfqtmZp7DZqeNGr82y3KVvX9ofSw0QV92YHDK4tky8Ao2kdChYEBhnzhVsmYeJ9Y0Jcwws4DfvKR0iEkEyX7Fr9egFT5PBvMI-ulN0svkCbax9OOoEIs-B8HYHxn7_pQ9-ZYI4fn9w%26cry%3D1%26dbm_d%3DAKAmf-BDe1aTCy5d6U9mlG4KABu1hGtj9QIcAzbDsaHeEnrgB6XDgI7Nt5QomeSk288HDhKFfULEpp4g3sIoXebqD7x2IS_FSTm6vB6pZKn1kdkj4yrsu25XNwBS6Dxx_f-RLB4cnfcGjuvux-UlI0MTxcZE6t_gviT27fFfyRHS1PJp_B45VEkUpFJyXz_nKt6DDHkUsk7JGRo1MNFRzjd4r9jbgEySUB9CNbZhNzznMJRbXA0gbvvtn-ivZ0IX_1g8MxRmkKVCZucCd6ccIlamqk66O2QyJ0qpUxh_QX4EerK5Opnyy1sirgN-KE3yMagzTZtEZ0zy5rMa7EC5T5Iuc3B7XD-cgS26QHvZRfbI-ZauIpjvV41jR8t6QlIVoaxHNzkUixocrHTcDq06PTSMNBiCr4bnnSl9jOpyQ-dIPoINM0-oo099ECLOFCdfcYkiB_aLVvTOXnvhpT9I4eWVfMLvQVmFdPJjybW-WErdfTOet2xnYC06yhsFRf_bqeqnCd7MsQiZWdYOeoW2NAAhfnL-8VPNLw9W3TbK4fZq2JH8Aq9hq3XU9_VbK3WuW6q0kwFiWFhXSAQDLSJ5sgQFdJOnyeQhCQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240108%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-1548903334937961%26fa%3D4%26ifi%3D4%26uci%3Da!4%26btvi%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fofficiallysp.net&random=9640565029339&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 99

https://fw.adsafeprotected.com/rfw/st/1898970/77442736/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015630378&ias_pubId=pub-1548903334937961&ias_chanId=1&ias_placementId=20903658371&bidurl=https://officiallysp.net/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0ji37WxJXERv6GWFVa_aBaO&adsafe_url=https%3A%2F%2Fofficiallysp.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fofficiallysp.net%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240108%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240108%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-1548903334937961%26fa%3D1%26ifi%3D5%26uci%3Da!5%26btvi%3D3&adsafe_type=be&adsafe_jsinfo=,id:bf2eb816-013e-0e04-cb26-77aa954d19ca,c:TDaL9,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-b5795db99-5d5xh,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:112,mot:0,app:0,maw:0,fm:u0Xsnpi+11%7C12%7C1311%7C1411%7C1412%7C1511%7C15121%7C161*.1898970-77442736%7C1611%7C1612%7C1613,idMap:161*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:127,oid:45b2f12c-afaa-11ee-b9fe-96a8b8bb4b29,v:19.8.471,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js?ias_xappb=

Request Chain 135

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4851338163538.3545 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_55PbZ0oMDFUoaogMdDpQBHA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4851338163538.3545

Request Chain 138

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5244337849138.683 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMr05PbZ0oMDFYwQogMdQ1ELEQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5244337849138.683

174 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
officiallysp.net/
Redirect Chain

http://officiallysp.net/
https://officiallysp.net/

5 KB
2 KB

133ms
111ms

Document
text/html

2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://officiallysp.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: e2175d899494c44e9a141b23816c81532d9f9256fdfadd1268c24f616d98a3ff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: max-age=600
content-encoding: gzip
content-length: 1851
content-type: text/html; charset=utf-8
date: Wed, 10 Jan 2024 11:20:32 GMT
etag: W/"659c6cbf-135d"
expires: Wed, 10 Jan 2024 11:30:32 GMT
last-modified: Mon, 08 Jan 2024 21:44:31 GMT
server: GitHub.com
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-fastly-request-id: 3a3996b7e2e721a6bac4a69f6680600c1d8366ee
x-github-request-id: 36BE:2E18B3:1C8FC10:1CFD915:659E7D7F
x-proxy-cache: MISS
x-served-by: cache-fra-eddf8230061-FRA
x-timer: S1704885632.981147,VS0,VE103

Redirect headers

Accept-Ranges: bytes
Age: 0
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 10 Jan 2024 11:20:31 GMT
Location: https://officiallysp.net/
Server: GitHub.com
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Fastly-Request-ID: 76302541b24833eb00f0b3d074635958f2dcfbdb
X-GitHub-Request-Id: D812:1C4C46:316D897:322F45C:659E7D7F
X-Served-By: cache-fra-eddf8230109-FRA
X-Timer: S1704885632.861789,VS0,VE89

GET
H2 200 nucleo-icons.css
demos.creative-tim.com/soft-ui-dashboard/assets/css/ 6 KB
2 KB 471ms
427ms Stylesheet
text/css 2606:4700:20::681a:c1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://demos.creative-tim.com/soft-ui-dashboard/assets/css/nucleo-icons.css
Requested by: Host: officiallysp.net
URL: https://officiallysp.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c32b61de13ae99aea865f36d13ed70fb1bd60adf48498c6c2c582f995b309833

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://officiallysp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-fastly-request-id: 80264877ffa082337e06b5f6ebd6981fca86e0b3
date: Wed, 10 Jan 2024 11:20:32 GMT
via: 1.1 varnish
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Wed, 10 Jan 2024 00:42:38 GMT
cf-polished: origSize=9015
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-yyz4575-YYZ
cf-bgj: minify
last-modified: Mon, 08 May 2023 11:07:54 GMT
x-github-request-id: 60CA:1164:9C78:15E5E:65829B8D
x-timer: S1703074063.021653,VS0,VE1
server: cloudflare
etag: W/"6458d80a-2337"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ow5s%2FBQGPm9TDYstyd1kVZeNgaX7j6gaKE3ZsIiF4ssc5v17hawuQ8qToWdtAQd1E7D%2BfEBI67va3fxiUiFqK8FPj4lYAdKTKql4YTUvb1HtmE%2FfU7HG%2BmKhe3vew8%2FmbxU%2Bs1rLVPew3F7h%2FnUoZb2laQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 84348800fa8b0408-FRA
x-proxy-cache: MISS

GET
H2 200 nucleo-svg.css
demos.creative-tim.com/soft-ui-dashboard/assets/css/ 1 KB
783 B 469ms
426ms Stylesheet
text/css 2606:4700:20::681a:c1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://demos.creative-tim.com/soft-ui-dashboard/assets/css/nucleo-svg.css
Requested by: Host: officiallysp.net
URL: https://officiallysp.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e672d14899098bea44bae9df998d95db6b26aff6042a596ba7711fc62f51f2eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://officiallysp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-fastly-request-id: 1fdae945bff96d672eeee76430a11ddcc63d7efc
date: Wed, 10 Jan 2024 11:20:32 GMT
via: 1.1 varnish
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
cf-polished: origSize=2253
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-yyz4533-YYZ
cf-bgj: minify
last-modified: Mon, 08 May 2023 11:07:54 GMT
x-github-request-id: EAF4:6B99:21CC63:2EC8F8:65826CA4
x-timer: S1703074063.042035,VS0,VE1
server: cloudflare
etag: W/"6458d80a-8cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RukRf8PZYbmodvyQz61RJDOh%2FYOKmV12to8gUk2kiRWxcgb54uZd3ny8VwJXldMvsdC1mHwggudTlcbA8S2LWEOvUX%2FYAkxaxsDfm1%2B%2BQNijfQV7L3vJiI6RqpY15ll%2BYdQgC%2FXMc9%2FkwiXLmlvuU%2Fb%2BHsY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 84348800fa8a0408-FRA
expires: Tue, 09 Jan 2024 19:40:11 GMT

GET
H2 200 soft-ui-dashboard.min.css
demos.creative-tim.com/soft-ui-dashboard/assets/css/ 368 KB
55 KB 311ms
269ms Stylesheet
text/css 2606:4700:20::681a:c1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://demos.creative-tim.com/soft-ui-dashboard/assets/css/soft-ui-dashboard.min.css?v=1.0.2
Requested by: Host: officiallysp.net
URL: https://officiallysp.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af090dc69e0db8bf73cd77fab63abcc02d4eb911df01fff657acbe2ab3371794

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://officiallysp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-fastly-request-id: 1340db2dc5815d432d55c3b2b2f08d09b383bf4a
date: Wed, 10 Jan 2024 11:20:32 GMT
via: 1.1 varnish
content-encoding: br
expires: Tue, 09 Jan 2024 10:19:31 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: HIT
x-served-by: cache-yyz4569-YYZ
last-modified: Mon, 08 May 2023 11:07:54 GMT
server: cloudflare
x-github-request-id: 2800:1B53:99C566:D2DC4F:657AD916
x-timer: S1703074063.031387,VS0,VE24
etag: W/"6458d80a-5be03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZQW08tQn9NvLEl8IgYHqWLiKTF0ge4L93hNwznwG5HJbbOnxn6NBZp%2Fo3k6fFHb62Gr82LAscUOhNcbboEk%2BKX%2FDPCwPeFtotaHJefwRyYI7%2BmuFALitzcjQMFOFdFxJ0xqTTbiMhbHItVmbUqlMv%2F0eo8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 84348800ea890408-FRA
x-cache-hits: 1

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 63ms
23ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

33a96f4d1f03d358709f3f9118ed6640145d54062ad7f6ee768208c4d4111dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://officiallysp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 11:20:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 11:08:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jan 2024 11:20:32 GMT

GET
H2 200 theme.css
officiallysp.net/assets/css/ 432 KB
55 KB 132ms
130ms Stylesheet
text/css 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://officiallysp.net/assets/css/theme.css
Requested by: Host: officiallysp.net
URL: https://officiallysp.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: ffaa6015ee7a544a65e65d67e97be008f81fba1463ecc8eaee17ce8a317e5f88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://officiallysp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-fastly-request-id: 941500d481e472aac42dab69435bd3d85f8a828e
date: Wed, 10 Jan 2024 11:20:32 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 56612
x-served-by: cache-fra-eddf8230061-FRA
last-modified: Mon, 08 Jan 2024 21:44:31 GMT
server: GitHub.com
x-github-request-id: 9722:16FB7:29F27BD:2A9C96C:659E7D7F
x-timer: S1704885632.110871,VS0,VE122
etag: W/"659c6cbf-6c004"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Wed, 10 Jan 2024 11:30:32 GMT

GET
H2 200 42d5adcbca.js Show response
kit.fontawesome.com/ 12 KB
5 KB 157ms
131ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/42d5adcbca.js
Requested by: Host: officiallysp.net
URL: https://officiallysp.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dc03394c410b465031aaf12d8d4e3595633c006f79c30956f2c266a52be4dda

Request headers

Referer: https://officiallysp.net/
Origin: https://officiallysp.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:32 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 84348800dcc39296-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F6j4cxn-xkb8_AQlBd6h

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 111ms
61ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1548903334937961

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af35aa2c0413c213387125cbdb428febe6118224351fc873fabaf6b37665f767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://officiallysp.net/
Origin: https://officiallysp.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51484
x-xss-protection: 0
server: cafe
etag: 3470552065018204034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 11:20:32 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 40ms
20ms Fetch
text/css 2606:4700:e0::ac40:6a17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=42d5adcbca
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/42d5adcbca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://officiallysp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:32 GMT
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xx3lXi%2BeZ19HnVPQAcF4g5HYYdbLw8O4YQ8QwNfcoFbwkXXQ0yw9irlxNPLVaXVrKuuxhpNj7pXmYg3Y6YuKH8gxU%2BTmt3vBwoBMd37Z5p3m1%2BJ60UIfVP84S9RjDPyd4tHkgvfbRxbJzX3oyYipxkuT3w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 84348803bc323644-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 9nhiyROb68MHsBNWf7Ga8eRwrmoh9GJdjuMS6Ahn2ODadE4z23LQUQ==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 39ms
20ms Fetch
text/css 2606:4700:e0::ac40:6a17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=42d5adcbca
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/42d5adcbca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://officiallysp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:32 GMT
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jL9%2BovYSL8GsTXXacok%2B%2BJgA0bEMlrrY6RGWttPLFzj6Ms22YMW0aU1VIaGEND4j%2BotSzLl%2BRASNWxg%2FRY739bIJh5e3pSs0e3J0zDbj%2BRCG7Nx8lszqUy1ZgDLACzhMySyLdTn2B4%2FRuvyXa6CLpzC7w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 84348803bc373644-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: mHnfk3yvRkChRarqNqiohzPc2hmNflTcMzTMU3AJdb7ybGDlcLrPyg==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 37ms
18ms Fetch
text/css 2606:4700:e0::ac40:6a17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=42d5adcbca
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/42d5adcbca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://officiallysp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:32 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZvGW%2F9wmIb3CcQ7kpXYItgexc7nqgtvhYgv2qBM9pPeQgeoN7TWqlZMhoLClyeZ9fqbwyMkFKHZ2vhXthVtrDzI8FHNUXu8r15p9qZ8%2B2v2v%2FaOGukIna%2Fj2DUjauSIi5%2BKJFrY74GBZRoXWFqXhg3NAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 84348803bc343644-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: MWASqASUMVzzppCDIkV7GCXBYwH7kW628O94KYOA3x0nbr7z6r1_9g==

GET
H2

200

curved-10.jpg
raw.githubusercontent.com/OfficiallySp/officiallysp.github.io/main/assets/img/curved-images/
Redirect Chain

https://github.com/OfficiallySp/officiallysp.github.io/blob/main/assets/img/curved-images/curved-10.jpg?raw=true
https://github.com/OfficiallySp/officiallysp.github.io/raw/main/assets/img/curved-images/curved-10.jpg
https://raw.githubusercontent.com/OfficiallySp/officiallysp.github.io/main/assets/img/curved-images/curved-10.jpg

131 KB
132 KB

211ms
195ms

Image
image/jpeg

2606:50c0:8003::154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/OfficiallySp/officiallysp.github.io/main/assets/img/curved-images/curved-10.jpg

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Server

2606:50c0:8003::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

61ac044e4a4175dce3b7128eb048ed956cf41a2b03e9a86fe78ff5b9fc6715a9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://officiallysp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-fastly-request-id: 4f2cec63e799b777ba6806959d13a13498aeea55
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Wed, 10 Jan 2024 11:20:33 GMT
via: 1.1 varnish
x-cache-hits: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 134275
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230106-FRA
x-github-request-id: DCB6:3F2FBB:165B7A2:1751880:659E7D7F
x-timer: S1704885633.058825,VS0,VE186
etag: W/"1c5531af5cbc75b9aae547e1e5a849bf1fdd969898c2ac1fae7227bf05b356df"
source-age: 0
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Wed, 10 Jan 2024 11:25:33 GMT

Redirect headers

date: Wed, 10 Jan 2024 11:20:32 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server: GitHub.com
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events api.githubcopilot.com objects-origin.githubusercontent.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com support.github.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
x-github-request-id: C302:26964F:6FE5694:70FB16A:659E7D80
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
x-frame-options: deny
content-type: text/html; charset=utf-8
access-control-allow-origin: https://render.githubusercontent.com
location: https://raw.githubusercontent.com/OfficiallySp/officiallysp.github.io/main/assets/img/curved-images/curved-10.jpg
cache-control: no-cache
content-length: 0
x-xss-protection: 0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 50ms
14ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://officiallysp.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 06:01:29 GMT
x-content-type-options: nosniff
age: 537543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 06:01:29 GMT

GET
H2 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 75 KB
75 KB 18ms
18ms Font
font/woff2 2606:4700:e0::ac40:6a17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Requested by: Host: officiallysp.net
URL: https://officiallysp.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

Referer: https://officiallysp.net/
Origin: https://officiallysp.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:32 GMT
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 76736
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "4f5ec865a8274ab291b6a42b5f70639e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehtyQZbpJ0fzkEQHjVy49vleUsgcQ7gCFWfBJMQ21q%2BrCMnNnwPptRS0v0l0x9vcD8saq9MxyjWlOyGsvJ%2FXz3jauTCuulf%2Bi7y4CjpBDY4aQMHo32Rzfx8%2Ft2rGGmhhyOjcGIIxh%2FuI18mHUs0wqF3v6A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 84348803ec9a3644-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: SGoEx1BVbzNXKTXVtGzeTDsob6KZ8wdIzI-4wr_qJDp8OMlt_B7FLg==

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401040101/ 401 KB
136 KB 112ms
82ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1548903334937961&plah=officiallysp.net&bust=31080236

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1548903334937961

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e52b0500986e2b74b81f4b0bc3ca71f214a8147dbe92e01a21f31b590981ff2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://officiallysp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139142
x-xss-protection: 0
server: cafe
etag: 12197278701575373840
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 11:20:32 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240108/r20190131/ Frame 1691 9 KB
4 KB 84ms
24ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240108/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1548903334937961

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://officiallysp.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58777
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 19:00:55 GMT
etag: 9219409622527106327
expires: Tue, 23 Jan 2024 19:00:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0DF3 313 KB
71 KB 791ms
790ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1548903334937961&output=html&adk=1812271804&adf=3025194257&lmt=1704750271&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fofficiallysp.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704885632721&bpp=5&bdt=620&idt=208&shv=r20240108&mjsv=m202401040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4196197065856&frm=20&pv=2&ga_vid=1454615404.1704885633&ga_sid=1704885633&ga_hid=1823294991&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080263%2C31080265%2C44798934%2C31080236%2C44807406%2C95320376%2C95320868&oid=2&pvsid=544363262032322&tmod=1363589865&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=223

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1548903334937961&plah=officiallysp.net&bust=31080236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d44403b8347f326bf8503d5ae994a1b17195d2b093e317cb048aed913f914b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://officiallysp.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 72354
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 11:20:33 GMT
expires: Wed, 10 Jan 2024 11:20:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401040101/ 161 KB
55 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401040101/reactive_library_fy2021.js?bust=31080236

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2520e71327f061ecaef4c0c743d6ae5bb4c0f1764636e19d78c6acb7bbd7f0c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://officiallysp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56088
x-xss-protection: 0
server: cafe
etag: 9150451134388277461
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 11:20:33 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
49ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=44759875%2C44759926%2C31080263%2C31080265%2C44798934%2C31080236%2C44807406%2C95320376%2C95320868&hl=en&pvc=544363262032322

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://officiallysp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/ Frame 24D2 9 KB
4 KB 13ms
13ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://officiallysp.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 10:56:37 GMT
etag: 9219409622527106327
expires: Wed, 24 Jan 2024 10:56:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/ Frame D8DD 9 KB
4 KB 13ms
13ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://officiallysp.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 10:56:37 GMT
etag: 9219409622527106327
expires: Wed, 24 Jan 2024 10:56:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/ Frame 30A7 9 KB
4 KB 13ms
13ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://officiallysp.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 10:56:37 GMT
etag: 9219409622527106327
expires: Wed, 24 Jan 2024 10:56:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/ Frame 7C23 9 KB
4 KB 14ms
13ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://officiallysp.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 10:56:37 GMT
etag: 9219409622527106327
expires: Wed, 24 Jan 2024 10:56:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 24D2 4 KB
767 B 24ms
24ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 11:20:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 10:07:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jan 2024 11:20:33 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 24D2 205 B
650 B 65ms
23ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:57:59 GMT
x-content-type-options: nosniff
age: 94954
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 08 Jan 2025 08:57:59 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 24D2 604 B
694 B 65ms
24ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 09:15:10 GMT
x-content-type-options: nosniff
age: 7523
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 09 Jan 2025 09:15:10 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 24D2 16 KB
7 KB 113ms
43ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:47:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 08:47:58 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 24D2 22 KB
10 KB 84ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 20:31:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 20:31:27 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7602 624 B
246 B 58ms
57ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNWB4FrYaaY28ZxaxE5C83JJ_TS8z8yYofbgDzhX95F37Bf9Y_rUSa3_gq7PV35TzNQbFeLDV3Y_VddOiq4--bZAZzCmALZfNjUta4fp3kYOpXb9b83h7Re9W2BQuwj9QRAgDVJAZqOKtb5XYWF6MnHt_fleGkYMf4JCsBRnzEnIfl4gfM8

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 11:20:33 GMT
expires: Wed, 10 Jan 2024 11:20:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BD03 89 KB
31 KB 114ms
114ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 11:20:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame BD03 3 KB
1 KB 108ms
47ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 11:12:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame BD03 20 KB
8 KB 77ms
17ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 09:07:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 09:07:44 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BD03 205 KB
65 KB 111ms
79ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 11:20:34 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD03 42 B
63 B 54ms
54ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B03cRHaScSWnXHuzaxP3aH2qLzw-5p3OqMwgKE1EB4R7__zqvHOxlgj-i_bzjXllatZvTYEk9pju0zkKxA0XFPhwsRVJXnYY75-eNkV83yvYygpD8

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4B53 624 B
246 B 59ms
58ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNW4MD61oWub0_uJQ-4ZQdUi7PoPzEuU19b3OIlfwlUsh-6kVOnvsuXNKAbKwBl4E23tmmDaG6-H_Q9Nsl5hUSjemh3tqc38DpUwaYjCeJ_UPt4eNjWxT5JScxPnSG9-mSZp3w7n58nhDxCQ1jSzluo2z8-N4MqSESPpNe6fVQAEfMggOx0

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 11:20:33 GMT
expires: Wed, 10 Jan 2024 11:20:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7085 89 KB
31 KB 141ms
140ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 11:20:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 7085 3 KB
1 KB 91ms
46ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 11:12:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 7085 20 KB
8 KB 90ms
45ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 09:07:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 09:07:44 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7085 205 KB
65 KB 96ms
80ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 11:20:34 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7085 42 B
63 B 51ms
51ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B4zokyydzs9vPUpK5VGCUrTppEJ5-CRSg4pcte3Z0AdpopsTtaXrGnZeSqDX6BqLtXmINhTM1_AMbrcHtPJNINBtm_NXtjtKs4j4OQy-0SEWRKcOM

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 738A 624 B
246 B 83ms
82ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNOvnYICMAE&v=APEucNW3LFZvCD2EJQt6bjyDeyK_URW9toDLO1LDekm6HWAdAXspuepWweWJu2NdbH1evYRWxpdn7dBgm7X8ERKh1WrLT4vqkFReJVzdiGCHovJ21UwvVl57-q6xcmZXbvuaGlJZY6xJqI4RhXb2lnF32a12lmNDDa4S8P_3S4xzLOWKJQEe7as

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 11:20:34 GMT
expires: Wed, 10 Jan 2024 11:20:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4A32 89 KB
31 KB 152ms
151ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 11:20:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 4A32 3 KB
1 KB 98ms
67ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 11:12:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 4A32 20 KB
8 KB 74ms
44ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 09:07:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 09:07:44 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4A32 205 KB
65 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 11:20:34 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A32 42 B
63 B 55ms
54ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ApbSdX303xK-kb93eUvNcabcJmatP539ElVKcYv46rrVWtrsVVJE7Mb5Z4k8tNxW8T_IsDT_rs6BlbVBgRIwd40QTRm8ffOGBHpstznooG84m0_pI

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F8D0 14 KB
1 KB 65ms
65ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 11:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 10:06:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jan 2024 11:20:34 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame F8D0 2 KB
903 B 54ms
47ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:11:09 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame F8D0 23 KB
9 KB 53ms
49ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 03:20:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28831
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 03:20:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame F8D0 3 KB
1 KB 52ms
48ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 11:12:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame F8D0 20 KB
8 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 09:07:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 09:07:44 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F8D0 205 KB
65 KB 72ms
70ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 11:20:34 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame F8D0 37 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 09:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 09 Apr 2024 09:13:33 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7602
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELg-IvW4qA4OIAzTwgbm1Mo&google_cver=1

43 B
770 B

26ms
25ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELg-IvW4qA4OIAzTwgbm1Mo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNWB4FrYaaY28ZxaxE5C83JJ_TS8z8yYofbgDzhX95F37Bf9Y_rUSa3_gq7PV35TzNQbFeLDV3Y_VddOiq4--bZAZzCmALZfNjUta4fp3kYOpXb9b83h7Re9W2BQuwj9QRAgDVJAZqOKtb5XYWF6MnHt_fleGkYMf4JCsBRnzEnIfl4gfM8
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78aQNMjBllekwKBjIIOa8qf%2Ffhs7wlDPyiRd4bbI1wPg5mNxyXPy0sYZyzhBSrMmu2N7IHcTz%2BOqHWF0146AqXL8Kwuz6CW7ixhJRHgyN3RLPXzyfwSWykffV1PNnxHD9IVU%2FBEQNqy3dw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8434880d6fe39202-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELg-IvW4qA4OIAzTwgbm1Mo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7602
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ59glgYbi50pZA5yc067QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRbYqLf2d0J3-eWtrUkcZw&google_cver=1

43 B
730 B

31ms
31ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRbYqLf2d0J3-eWtrUkcZw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNWB4FrYaaY28ZxaxE5C83JJ_TS8z8yYofbgDzhX95F37Bf9Y_rUSa3_gq7PV35TzNQbFeLDV3Y_VddOiq4--bZAZzCmALZfNjUta4fp3kYOpXb9b83h7Re9W2BQuwj9QRAgDVJAZqOKtb5XYWF6MnHt_fleGkYMf4JCsBRnzEnIfl4gfM8
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuVQeLaFkp4FJGJresVLubI5GK0uc0Ryrzmw0Dm61iXlk6J0jn9j6HRoEeHq3rLPccIun%2FYsaRZNRhRl1Bj1wXg32Uvmt5dNv3Axcv%2FUvEYe%2F7golfDm6PuLKI1v75GXvdrJL42F6DDokw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8434880d981f9202-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRbYqLf2d0J3-eWtrUkcZw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 7602
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECl919MoVz7Q_KpiP360vm4&google_cver=1

43 B
1001 B

10ms
8ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECl919MoVz7Q_KpiP360vm4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNWB4FrYaaY28ZxaxE5C83JJ_TS8z8yYofbgDzhX95F37Bf9Y_rUSa3_gq7PV35TzNQbFeLDV3Y_VddOiq4--bZAZzCmALZfNjUta4fp3kYOpXb9b83h7Re9W2BQuwj9QRAgDVJAZqOKtb5XYWF6MnHt_fleGkYMf4JCsBRnzEnIfl4gfM8

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
an-x-request-uuid: bc9d699d-0513-4925-aabf-1cd141d61f51
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.245; 37.58.58.245; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECl919MoVz7Q_KpiP360vm4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7602
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY2NDQ0MjIxNTUwMTA0NzU5Ng%3D%3D

170 B
243 B

40ms
39ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY2NDQ0MjIxNTUwMTA0NzU5Ng%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
an-x-request-uuid: c76b52bb-7f72-4cce-b484-20b4634c76d9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY2NDQ0MjIxNTUwMTA0NzU5Ng%3D%3D
x-proxy-origin: 37.58.58.245; 37.58.58.245; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4B53
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIrS8niyziGN0nnAtDY_jIg&google_cver=1

43 B
734 B

31ms
31ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIrS8niyziGN0nnAtDY_jIg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNW4MD61oWub0_uJQ-4ZQdUi7PoPzEuU19b3OIlfwlUsh-6kVOnvsuXNKAbKwBl4E23tmmDaG6-H_Q9Nsl5hUSjemh3tqc38DpUwaYjCeJ_UPt4eNjWxT5JScxPnSG9-mSZp3w7n58nhDxCQ1jSzluo2z8-N4MqSESPpNe6fVQAEfMggOx0
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ahg6Di59xi3Khma0dg1MCJmI1s8xFupjmybCfssZ1poIwLBXOSsOd%2BFwIyxjDBXlzDagTM1m09k5Q4YteaY6NVokL%2B9b%2FMfn8SMJAJL%2BwI45difwdeEbT3PBmdsc%2FtyCoPQP9LT5lgi7%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8434880d6fe49202-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIrS8niyziGN0nnAtDY_jIg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4B53
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ59glgYbi50pZA5yc067QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRbYqLf2d0J3-eWtrUkcZw&google_cver=1

43 B
733 B

23ms
22ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRbYqLf2d0J3-eWtrUkcZw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNW4MD61oWub0_uJQ-4ZQdUi7PoPzEuU19b3OIlfwlUsh-6kVOnvsuXNKAbKwBl4E23tmmDaG6-H_Q9Nsl5hUSjemh3tqc38DpUwaYjCeJ_UPt4eNjWxT5JScxPnSG9-mSZp3w7n58nhDxCQ1jSzluo2z8-N4MqSESPpNe6fVQAEfMggOx0
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pu%2B1c%2FBizyEAHJcb0WSonEDvmakZ9Tjzjjy1lBt2zJa8exMHlugTXRicGBOHX0T3ptcBv0VsTZLqJVc%2BKr61nSKXfNWKdRy%2FybQTdnhZ1e1Qlg6C4fnkyBz1gfx9nqzRtxemPxNOScxP3w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8434880d98229202-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRbYqLf2d0J3-eWtrUkcZw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 4B53
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEedCAAFjaNmUoXVHezqqV4&google_cver=1

43 B
1005 B

13ms
12ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEedCAAFjaNmUoXVHezqqV4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxitm7vGATAB&v=APEucNW4MD61oWub0_uJQ-4ZQdUi7PoPzEuU19b3OIlfwlUsh-6kVOnvsuXNKAbKwBl4E23tmmDaG6-H_Q9Nsl5hUSjemh3tqc38DpUwaYjCeJ_UPt4eNjWxT5JScxPnSG9-mSZp3w7n58nhDxCQ1jSzluo2z8-N4MqSESPpNe6fVQAEfMggOx0

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
an-x-request-uuid: 064396d3-5e2a-40b5-ae62-325b444cc037
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.245; 37.58.58.245; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEedCAAFjaNmUoXVHezqqV4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4B53
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY2NDQ0MjIxNTUwMTA0NzU5Ng%3D%3D

170 B
232 B

41ms
40ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY2NDQ0MjIxNTUwMTA0NzU5Ng%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
an-x-request-uuid: 3191e91f-7bd9-4dc6-811d-8cae37b0d9cc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY2NDQ0MjIxNTUwMTA0NzU5Ng%3D%3D
x-proxy-origin: 37.58.58.245; 37.58.58.245; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 738A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRbYqLf2d0J3-eWtrUkcZw&google_cver=1

43 B
732 B

23ms
23ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRbYqLf2d0J3-eWtrUkcZw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNOvnYICMAE&v=APEucNW3LFZvCD2EJQt6bjyDeyK_URW9toDLO1LDekm6HWAdAXspuepWweWJu2NdbH1evYRWxpdn7dBgm7X8ERKh1WrLT4vqkFReJVzdiGCHovJ21UwvVl57-q6xcmZXbvuaGlJZY6xJqI4RhXb2lnF32a12lmNDDa4S8P_3S4xzLOWKJQEe7as
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhSBI2Cnww5qCI71mePxld0V%2B6u7hi8qFEUSCNPiKhkKJHizmDmSyDRu%2FxN0clfoPvgm%2Fw9U9t1jp9haLY69EBCzix2C9Ll5GtDBj8sGDHLKZ1rtMEubh4A%2F1LpvbUIWsELf30d0DvgSDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8434880d6fee9202-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRbYqLf2d0J3-eWtrUkcZw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 738A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ59glgYbi50pZA5yc067QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRbYqLf2d0J3-eWtrUkcZw&google_cver=1

43 B
737 B

24ms
23ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRbYqLf2d0J3-eWtrUkcZw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNOvnYICMAE&v=APEucNW3LFZvCD2EJQt6bjyDeyK_URW9toDLO1LDekm6HWAdAXspuepWweWJu2NdbH1evYRWxpdn7dBgm7X8ERKh1WrLT4vqkFReJVzdiGCHovJ21UwvVl57-q6xcmZXbvuaGlJZY6xJqI4RhXb2lnF32a12lmNDDa4S8P_3S4xzLOWKJQEe7as
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKdo4yTRTX%2B%2BtcUUTRVEGRcESU1YwerUAS91B5QHZBInQsAlGQMCuK4r3Ed1KXCLszBIPkspjbg78xmdI0YuN4B2w10kPTFco%2B8DJ145iMPkkIo%2Fgu5edb5%2BsYG2E%2BvOPL711%2FC3cUQulA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8434880d98219202-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFRbYqLf2d0J3-eWtrUkcZw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 738A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENjsnuRyCke4HoGeO31JUpY&google_cver=1

43 B
1010 B

7ms
7ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENjsnuRyCke4HoGeO31JUpY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNOvnYICMAE&v=APEucNW3LFZvCD2EJQt6bjyDeyK_URW9toDLO1LDekm6HWAdAXspuepWweWJu2NdbH1evYRWxpdn7dBgm7X8ERKh1WrLT4vqkFReJVzdiGCHovJ21UwvVl57-q6xcmZXbvuaGlJZY6xJqI4RhXb2lnF32a12lmNDDa4S8P_3S4xzLOWKJQEe7as

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
an-x-request-uuid: 280ce820-cb07-433c-b55a-617d3bdf8863
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.245; 37.58.58.245; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENjsnuRyCke4HoGeO31JUpY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 738A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY2NDQ0MjIxNTUwMTA0NzU5Ng%3D%3D

170 B
232 B

29ms
28ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY2NDQ0MjIxNTUwMTA0NzU5Ng%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
an-x-request-uuid: 473aacd9-b857-4fe1-91ff-30b9035c6c6b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY2NDQ0MjIxNTUwMTA0NzU5Ng%3D%3D
x-proxy-origin: 37.58.58.245; 37.58.58.245; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD03 0
20 B 59ms
59ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1257246499528&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD03 0
20 B 55ms
54ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1257246499528&version=m202309260101&ct=77&x=1&cor=9029329951505650000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BD03 20 KB
13 KB 218ms
217ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ByCj4c9i4IAsOYdn4yg9gDFbT4_jrDN9ZgbD3eiUX0YUCliJE113A8nznfa4SBMbikyFTE0xQEZV7N5CMA9BM3e2ekMmnEQRdNNcOl0l3QBebVjC-WCL2omo0JNwJ5DW9Jzl9QHdhinjvXyZV9CDKvsy-YVsGh-9NM9bJ5TPqkwc6cHLQqT5ZF6UsYhyNK-xw8fYbqF3qsxOKsIT3RxhEjI637Ow&cry=1&dbm_d=AKAmf-Cma52CgYh8vm6n_D0GSe9uJYCw_fWheDy5UuESZvL7zbZOxbKUpV-Tjh7UJJ3E89pcmwMBh5Ik3dzaEC2jX_7LV2NqHqKan0X9VWIPyubCdZHGadamdUbumdiHSxvVitc4nMm7mG3YTEEfrARsFxGc_dkJt1s0Se8OsWi6s0Xfc-m7roAsPbrAdZzMqinUBdlO9fgGlbVMc6ehhUog_WAmg1LR9RXG28jnV_SYIJ_cLwUnCBDoqPnZUV7t0d1tifwAlNrT_Zx63zPkr2sR905wL0O-xy7N_mBvhZqQOU0QbLDQWLrJ6HTSdIa7CCsUnLq0sZUXa4jR544RYvW-KNOjF4lFJFrVgXFsGYTKhy0AItOAH1IB91unxjQZPjL3E9E7zvXrZU7_dsxWOE_MxJ3rbgsVAejgp9KYuIvApXOraQQn63GdAZLFAeLFuKrhAqXFDkVbV3wUWs8iDTozpY_BDFxC52Oy-OaLs1J9Zf7JU6HJC0yRDjwEPyqDOsqP8V9IOT_-mpwWP3CF2o7ImudKIOTvtQ7KOrjaHgG9O0FMm50laBZUTz6CBP4Qi_8QYFSNo4Rei2O-UUC6pOa-wijV05aGuDFNqSh4GncDNNwb_bcVhWiPOmDIh6np5OnkilhY_5g3HQVySiEx7EPh__tbARmSfRmTwVj05ujxC135klom8DuM-VdOhnqsDBH7HbZFcscfP8Ssx8YyisdclIHZNqU3yyr6KHYExNYyj_QVaH6-5dOkzAWQAGVyiHaBuNTja3TdBJYTld7QlLNUVqxPtL-aI1QYw72u3SPVZgo6Sr1suXJSVyx3GpxilR5PDlxmsTiLqReknwbvKsVFT29LlKfMh8jRfMcd1Fz3Q9JYqt730NYWA7yImwC650P6m5XPliQ-_vJwcBWhHhKAniUEhPhqPyX2uT_nKGY8YLV6LTv8Ox7hIx71nBfpuZhsQ_8r6k-GqGMMNNYUZiOuEU7pNKh4TmDy8qAl6HyHf7UvrTw6LD8MtpxFFlJH6qTVOnjHHJVOaS-v9JrkgdvWoQ-c-da5puGKmeU_nWhVyGTXv4i4yFN_x4bDk7QZGd_nfUs174qXiNkeSJxJ2jwmJW6KfPXq8i-uWWqqiFMC7yKdZcL20KcPtML6YbGCi85mzHkhCgyKpBFNwAzWsC-SqloTvnArtts3ZMiBfp2FnRwP2SPpeH5_IW4-dhTowpop2SlCETvadONFA3DFzt1KjovH1nBU-dZmCY1HzbOqKEhw_rOBG7gqw2v8P3hmxkivxMbIGhdXFCHZqp0w4pcyVWrhxIWeKHZ6wzow5zpbvDZCBOmARrg9mJrflDkd0sAZI0nGibM-ZY5_aeQ_58kh6z12UPosNPPozQtWiQajHDmOEVJvmzN05Kzcn2_Vi8EitFu2GMHO9gJgO92pBzdM5rqaAh0MX7U-FNGOVkzUtYDT3D8w40G64e4NbvGQpocW--2Cb97g7aV8ivlNNOH_vjdcHLECCEhqtWcWp7pmXIJx_rzUfPNVfoNLg40miBp26sj0xAkS3fTzq8q6rJgVVRmqkrUgTJH8-VfkeydPDmBUOk55h7nCV6KwqAyXA_N6dLERzIzSaIHc7I8jiV1LBJPiRXf9ZKhMSMNZaN8E2rNdJh1_Q23foQPO6lF2-Eo7efrHWIlt8oBxvuFHMF1q7m7T3FMUvT8-fFtrre5x_7l0YoPx-S4HH98e3wqZdzfD4flvUu5ZLr6bb1NSqTdutiiPnYwihqPhApm5kGvToCeIAyihkAr23dC2qsConBa4rp17Mt0ixMyoXm0MSl_8uHJK0bDv3T87P97nXtSJGpH2tuxbI0HGPRH599Bnb7l7lidkrW0Vtm6tFdynsgS0a0GJTEs9NOPugPf0m3UnO8nfPQxsAn7pNLUl-yMT2zYlkSsQ32zyeDe64hp-FXSD2eeXniv-If9S3atCPFZgVCKCvf2JUuNUgtSq7LQS1TisyWUkpP6rG6uElhXDCwWg_3brUK5oZ6GTi5o-r7MykScLRpMHftcXdE727dAdr794cnij8PcyaCr2YYnWOBnKG9bzLgYoEc5du-gjX9NZbIc0ZC7IZ6wIR0X6e1Kl80-KlNlF2t-j0zJ9OEdAeifGGIgTvA4aISWdRQzJCpwU1D-c3D1d5h74pt75IQ0jhk7NW_KuKiUBmgNKFr97C08cr9NI0mjYsBx3TtPiJjttB27UzoibAJnPd6lA0b4tGvrExGtEcoBLWv9EuRz6qJLInyDnNUmE_PB-v7iyM3gGgRhHxKKaGg4zoZHywc1gLHcex4PDIZ7pUaegHBKV2PDgd78R6if3wJK0IrvyHDtZsE720PtBGf_8MaT7EFACzeNuGkG5LBTNNlN6GA8C9O0Eiw7PN2qBE076cJ9bnDiseEg53T7kW5ObABzXThoNkHSMSPpYilqJxvZaFYcDoyqbIOmAaBjZhJ8pGUa7zSaYfecjDSmgShcQQ1-3Sv6ymzxeBic-VkHw8q8h0wB8CILrXN4D116GUAl5-wkVYcFStf9Txm6XMD1uBQOMDsi4S8aWA0M-iTPAODFE2Lc-gZ2_3wy7EKHUVm6KRIrsRli6ENnEhUU_pcBtQM0975JMSdHNQeMje3R6tMEaUgwm0xRvlDhjL9R-TrsDIc430Q6dANo1q2NiGlACxfmS34JPVr2jN96gfo1p8cSQBUXRDpcpMJ3kCsggGI7kI4YraiaqteC-GAcS62vkPvWArepCQ_f1Flg-9x2hnoEOCdSagT7v7fmbOqP0bnfoSSNTqsTH6rcE5HJZoSfNZ9f0zFVItK6CX-AENliJWIqtcWxL3uZWAClU2Ul7QUOfiQl-EBVZ2L1DicHyaMb0tPMyKYH-OZmVZhk-IJBvVs2DvjrFNYQ4z0fsQxoz9lnMfOGygxlEuZ13XkTYa-hvQ4q_kQKBJffHes7-7EfPUpOH-R3s_OLQ0xc71Cs-unGdI09jjrGP0YeGbsEA3ZYSGSPgvWn7D3a6qZSOejwy_HjZ58cmtI9SaAJhvmNN1LQ5N1lds0OONCMh3FC0ZnQXkKgO1oRJSkaZ84D1L_aAqm0HMAdyvrXJkWwcH1QVxK0sUKa4DU76vJi6yMeFGEscjT5Ifli79EZoDQ0h1_9J2AzjcBuIoIsz3KFi-Wc6M2FVdHMxei7br4zuvCqkx6IammWkgx9tOkhuuXEuCDfX2INviVjmRGC0VcH8ffW84VIV3u4g-w8ik1pCp605BUkcdczRTMV5vYSrojy8qEkdxnBf-f1w-6Ua03zK7X3a19gkOufNkv47j20mShfXaL8PMlWHq17nGuy0OatxtLXEYjfHi2ty5JsG9WDJp7usprelSYQBWoF9KxOBypnfb728POestqRIkqncS-UqVgvC5bEN8VevqideyZEE0ceCAaxKscN8_EOQ5iCuifDp9-Op8Oi3Yrl6mcXsVq6MAsNJbOQd63gF_suFYJvivcc0XPIkYRoPbyzvnfVc2r4TL8T7ZQ6saTOyT92AcuS5bKt-CwjTqu_A4iQ-R0GLFW0usyGFYDBnC_yP1w-EYwnrsHHu5TYA7NCVicsg9zn_zJyoeK802y773IA3_OpI1Ed-LyTnFwt31ooBZZH4Tlc5HgbNJc52zmyiIvhkRPfporV0LL46cOioi18dtUlWfNtuzj0yO7r_sIi0YRSUDR3MgFrrMJ_eGP2n9h1shYRzii12kWGCQwti5j3Dr9vGVeeyeoMOvM6bFlN3bdvHDB5P5E683TYDm9aCnmxRkq-EaI6HCnSf_byb8Ptx_W8nPlDl8A&cid=CAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fofficiallysp.net%2F&ds=l&xdt=1&iif=1&cor=9029329951505650000&adk=497053792&idt=128&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db7b1fa96ad618e1616ff9e4efbeeef4f5d153541e9797beeb91fc5fef187ec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13608
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7085 0
20 B 60ms
60ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8836859331711&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7085 0
20 B 60ms
59ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8836859331711&version=m202309260101&ct=77&x=1&cor=15246741175759147000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7085 20 KB
14 KB 199ms
198ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DicirFjg6JTBQwQpQENs6FHjC3MvkZ-Gi6g2wie0QGtwhK-YCSuo92xTrPyzVQ_1gk5MUcBq5-9kpoZKvVXsjJs9fW3yNHPqfZJkiVJu5mcz4J1OdRfYMB6-u-Ce4TIS8pIzK_QSmv2q5BMqkd73bRTQl5cz4PcgbJ_dPHihqqa68HD0K_5Vq01gU-5jgAf7FRwOkW-mrZvyvNOMd794PXooni2Q&cry=1&dbm_d=AKAmf-BoxOWC1rTZto7yfOVIrTaigLGFM3IPxsJPbIzdsXnATeNV9GAfjlIjBb-zAdluOV6US-ufRdyrwRXiYTdaPE6xmmOX_Omydrq8Hhs1_un3Y3JXBSJtyEb5EpBWXiEcSJPFrLlwmo7bnBWJ_9f7MQlGV11MkQPIMEjxVxjMHgGwRU5W4MLL_pmzJVi_sIJsu-tOdols4bKw2iUf9W1Qo_At62Vl_KVkqnCj_ZCy5QA9GLDX8jExtUF-pH8_5CU_b0Fen7z-sNSud2-zWvK43BLj9aLJHMj7XwjlLY-UQc9UprXY_--BW9wvxm-Ke6RtG3iooCh6HuWrteUh10g6snQRfEnoE4DCHLM2_JDlHId-TGfnWPoIfWeRaQVxeNRfD7-HfWpBP0Cgfa12IJK_gEs1YsSMiQBruHfNpJomVezXow3sOskcG3jTxZIgpbex3cMPEs5l4OrPi7lWGkIERvUACCm3MbfwiOVrkaw7xHdbnLYsc-D_VDGKBv8F3XA0m_UMTEqY5fLLzzzEUZsrI_I35QRXlaQw5XfekLXXDUQ0YjHP0XFYgS-gZAPG98Upw2huXlGxwZHewxR4OUhoyD-vaZyPAYJh4hmOtjP1e6gtDpzNQGEQaytj6boZLkd5iS8TwFDNm_xUD_jspdf42WA5FZlWNnoWJaYkinhlGGNQ647bZJqvqow1XymZnT0dKWfqT8DAt1GAS0_i6Ni_q-_zIcrrwj4SD98CNXOB_EPClXa8bwvGe4YUA_ZjhLfCeTKf76c8LaPyvnoLxBkkiQtlGrUyPvPruKay8qHXQM6Ogk2qjJk8HOjGA7XzOxNzXFXQZuljEESYn0BmF8cyb9Z-4iFK0onnkCQ82zNRns0Sb-aqJAledeLMyhlPJBz0wO4-2Qy9U8uyKDr9bBJKjlr5s838wWGFAoMWuR9XxgKWm8Fu8527QS_NZZH9gUXD1KjzIVJFw4_frYnVOMlamNIhQMkKJa5Ivz4fbQFABpzMMY2zLP28RBUzjy6tGoohjcv9-PBWkWohvyYMOBz0atXA03XWXXdKsQutLoIRElj2lINzh8LkZYOXnveTEVBoZMEKnRuxAZOgUz6JF5ph6UcrhKnwXRyvU_3cYA4MgIGzoisAKmZtjUNxXfUKpVUJmNT_eqqnmfCJcVh2PVY4SbL5l4k4RjB0bVZG6SV6gacM0qE6ZmKoli1GkgkCZuBFEwuFM0Fy1yCwzKdEuBXKN_lzw5PpN2glQ2diY_Otpm0lX-a7rc4GEc3mrvVF5ThlrT8YPK2PhOpY9wOmm1DRkABJemJJ5EWR2p04xJu4tIFq1HAS7gYA7EtZvL3P6Nvr6uBFY9ZQs67rMhKd5S-zsZsgh8EtQ-dPGk7VIdMfEBwUuzh7bVkfnieVdUDxHWkDnIsxzBxPnN0gGuTmyju5boogun0QfPJHpWE-jeh3G4c7ZexvpJlRS8y3Gx4rYrn5WwTZ1_SZ3fJ2NbEzcNlvT4_-FyOlKZWjDFsI_h6B0an-cwmUIcM2FduM5z-tbDa0eTsmbYHnymAZ7IgnbTvSPc_Bm1vkdzT7d14a2sG8qS-EegLd0XnEes_gmgjJ1ynUKmJ3J2fpXif70E4pTLnAhtodCKujaY9aLuQrcQ1IZFhfB11eihq2RwZNkp2T4mUh5X7MopsUpj0d33IhorRxEZ_GYDBftHOyjeVLYEPiRDVkJc0vXA2ZiIpyNRsWxsZkf0-laMkRT6_YVU9DZcwV-Ju0LckgPojedhVYNbws8FZWvwmyuQHUJwgb5qsZ1IVxitYvGYNzceO4IKI6unjxerT7t07TofjWo47stgGxaAYOI8IlZ89lcE1Os6LCgaYw1huk19vzNQLl_Jx76IF4Y9ReHI1w9nxx_2qY2Rv5BxEOtJVU7OgsKc1wTuxiEcxttA_KjG-dBDXHKzlFtf8DGOp17M2pHr9ccnCzI0QB7UzlalI4-2v9uWZ9RrlvyKFLa4889zyhD7PVJPSnT_ZpUHhcJ8VmKsBbNqMEwYPGRp9LiltlqLdbEXrMPDDHWac_tAEhJwUJew3mEdsbJPs6ZRZVS3S5vZID-tpPx2RNNHCS5r-yuot-3I5fqCBCkGyYu31lfUoFXQYIhwthMBb9qAYdF3RnDW8BK0PXVS4RtF9fMmKXi5SNLps243LxrAs-BsJw12PVpkHV5K1VRY6ZkHzL79QWzCamPNZ1711Yfam4s5Op5_PbwjZ9TDpACNf_O_Mxo9TnqxuS7ZFXsrspiDBMyyCisvw3FZ_GUdxb_4we6GRjJWrvHMZDQeejfTZG2mLhduvCM0Tvnr15ccCe_hASlw51IE9MzbRYLpq4pvnKiICaIHdqcl6Aj8-uvC8QXVl5C6E-Xufs5UIagTk--tEVf3SCng2BTu_y86Q50IoWMGn5Dz5H31kexwBr5c9IiEboNj1hc5Bfg2hFFJqEmHc55WWHD1tJTO4YN9bJniA38WGqaVDMXon3s88r0UC-ujbpFDad62H0OVooHQVLE_57i6MMb8SllIKnX2XJDZ_kBtGlej1Qc-OFJ91B2mHYYHyekjv0uL0AmHOpjTf_vhtHEpWLwXAwXO-Y7LiMz9uMXPLCqqZBC7z06gdz3EFoIK309xgB0lr1-o2eYV6UCOr2Idj64drXc9r7-B4dMnM1ithOU1dUJbLq0B61Xw-aa8XrYXSl8BaI-xu3a-nOwJUuc0d7hPvcG631RQPeKEfm9dsMu7TqJgcWb8bUTnpCQ_1Ch-Iz-GP80J0CsLX0k1x_udAG3GT--gPVvLEN9T5oMgSG4tB1UnD-UYKjh_5k4sQBbB0KGk-s1qi1GBvraK6IjGPnsAOAB2KvfrW4ycclxiyeV_nhVoMXNTMf6zunm-2iP4C8B_wQXjeVQXoHT5pmYDAvDSCsvnNYFsbvgpTXsj_4qR69laLnJEZZLdGkNXgaTPuh1RJ1JC1e51s4Fa_Pt8vzrc8JKuZ7WuIrMdpzFZuTGMy9ze62q33iX0knvYWm0hcRIvA5D0dXn_5Esub48v9D7xFruFKq_RGO5LuRy5S6RtnasAj22ui7clwwYDs0CaLSgElpdnC7epaSQ23rvR3XUK2I4Lut3NJPivyVc7VKMCNldTH7NyG3JZ83Jj8tl_dDNtd8tF7KZI-w3gVBlh2S9mTxDK6IOJgbwy_9D2Ln8uy-gR2PkQrQOH9cfLTomIJXmccBH04SBB_-JPm4wj5aFv1RZ6ny7J47mTWyX9XIkLuLkC_W6hz5RcNdw4dg5ZgtIm7TLFT017ZP2l0Lj68FIFtwS_Z-s2itgqHHxGAhMPZ3BpWJoty-htp8R-NL01iZbzZiMQFeybBiy8iQ0bBxYTAT8r6GY-jGGJZjkpXU7CeGtULqe6hPJbrACanXTyzmOtVf8kcP4HGs_hEXdnC5Oa2iLlE4RJYTg_cHbE3js6qk55_4JRB1t5D4bZcruQ2BH1EcMQtSe4tTMVaGRfynKTNupEFdNhdiKLlcwszGuutMQ-5YnN9wCbRQTEfKe3k6kMnEO1b67jmxUthfM3dRd7Up_0o_Wt9c2_okfN_N0Gx7p7Erqg-jennchU9ahjtk0YUn4VOL4ro9qLfU-EDv-dzI6B3TSnXqm45Gmo3h2anP1doF7OCwlW9h5uQKp1wNHP4WqBctHT1Va-mSPZ0EoKYLSyK936NhOBQxANjnXdsPMloEOK95BDbbTlX4AyxxZcK1m1PFrn6UQ_gMpjNoTPvtgMDRbBuBnYw1HOyccL1blaRqofaT04RplyvJYlm1JpPOnW_Ctr3jNTIDIMYkzg&cid=CAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fofficiallysp.net%2F&ds=l&xdt=1&iif=1&cor=15246741175759147000&adk=1761367584&idt=145&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4232518142d105f2d2d70aed6fecee7d89970e82474606fed7dd2e05e0f74b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14022
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A32 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4075968295508&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A32 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4075968295508&version=m202309260101&ct=76&x=1&cor=10012990520414462000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4A32 109 KB
42 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Deicazxt9vOvcHLT1aCrAjGGOXNv8g3kgfRMjY55ltXDMBXKoqiF1pBkjtMzcpA0HggDf0-81OZbBKHZNdwnOrsAoD9uQIYPCYdztNs5lYZjVJi46KRU00oGnRJtcvxCs3jbk4-bDHi3ieixbXTJc2dEubBxzsh6n1OQXZyFI80bDfa267ONUQjmZV06L2zdsGNTeV35QQFjFGj2i2IpXMxGdRIw&dbm_d=AKAmf-AHJ-UzsbxTtvjTBMn67P89hGMOmA5HIbxRwtNryHKwu_HjItGnUw07c1X_lCVs1RfdT4N0Vyj2gYggU6QPITslOnpuyJAia8_w-dlRRCWyKEWLQpT1Tao2R8yS8vJVC8WjQ45d3f2KtELGE10w7BRbUGrGvVX-JVKKqqF7PKEnTbm8PWL2WEHL_CuSQeqcs50_cGKH9yaXne3dbLqDWi3VBrCYUqpzB0EY6pNNxmMYnP4emxpGOERkI30w6nKX0kffySNiUTwEk5fwy17lhr6FQ69gB_pjcGD5PxV9rowDA-4xL4q2bYRiCNSWX7OjMWUrC2p-u1wxkU10pAaR4vvnuPfjS0PaRXBLzf_bg668EJoqKCtzGuI2uOe31uTgC9003jcuCRyC_syL9Gq8wxiNCV9v1Z-cPaqguvoiGq4nAY7AThh7d1iNPZ9oZJisvbRn8AXHnmdOFzegfMh_kY6lhp_LqNu-RZs-dq9Tcai2ncK910navds0dnb74egFyeRMTT5fRFz2LRxTKKnvmsSmVtkp72IFpVnuC3HwYt-Y51K0bZ-HcIRGwiisSQGMfcNG-awgG9TYVMeWIuc6ZBQk1VawOLy8SRDy40z1TNa55eAVWqxxgdaappSGYE39ml_BrFFhq8QqGzPTTACWuyJ-FJGSBnY5V4oHxWo-PfjsQwDPr4xlMsr4Z6k2ywracmJoJBqSbFvuFrQQN7aqWuUuFbVXUjkBTMyeEiWXhRLhKHaNUE1gdJREUbfD52m6qPg2vEQcExoT4Z7RU3EBnanPRgaMBddROs1Zz7IhR2JWcuq32ZA8_XH5DeTcNy1p4rSepkEb0PkT_ON_cIMAHd2VS1TSEmIIuoccytbup0x8qa6Opqbq7q06xGb0o_BuVbwFl0bBbJUgerk4PRSbJ-fyNQc3hQek_kbyY6j8qeSP-rteXVdJV1RACcIhWl2QdzELK5PX4jLT6PNnlpDLzx8F9k7oaDmY_k3759MPg3ikuM-EyAxbC3aI75Gwe40M1sGkutxz58BEuGu-r2zCNZi8VTCBeuddCgkMr5sYaCM_VnzIQNXcdo9Bl21JMgDuBgaOtPjj73au1rghzinOeRS-1DO3STPica1ipx38k154CRL6pU5g_v2HFEERYdmI-fY5SbOZCcqXEws8JU5uIrtcHfOSe_FMxKQZsINMFndv2ZEwDBxZLFbNrOPfrYDZMZ4hR-vhdyB-fe2CR3E4OSpnJJZxXrQfVn4nPtIfW3kq3Kf28wJ6-DMxmhHbo9v7spwJVje1ETNPF3WD6pJ9BSw_nTm39dCkqad5hW356jGgEO87PuqELocV0wtv5rcgfkjtuWWTSaiYdRRIPjUDbYmr1XovI0dsKYXdNYCSu6WvwTcyCdpvzm7QMeThDateLetp6VWmSB1qV4U3KJiYPS3OueGR_OQQp0l4pl1fxEOl5Nw9HMrwPnxyPxIXo9B7x_xyQiuYAMLDEPoThBToJVjhiW0QuW9bf_EJKOQb7lb_5RWBub3TxXKzs0rh06SI68tPVzSVaWbJTaOrAIUzg28-BUVVlosoFOcL6GF74FqAE_yURP5xgoZY-5hoClBuqB3Umj-7ix5ZnQASZHyU-gRJ_9mlcnZzk0WCQijq49_WLy9CvNBUm-mItKzCX9i0H5l_cOJg2shwP5Oc45C0TH-ZLvSDhHOULWTekVQD7r_-EIIRDTsX6tFjlLczqo8qARIh1Gxa61vvqpyIRkenA4D5Qdl7t5u-TgtNV55cGKmBBgM8eEWavjbtQzqANHM7DovIX3VZrnDmASqspfbZBLxCt_6ksMl46fw7LGSdfVJitmbRWiQbKrjSjat6itTHwgSilVnnQkZTFDt208wybycaINltfARejMb7HEL0xsz8Qzrqgr_ydDR9megcrTLP2XX2pSyA1mE0JYpeW9qY3ei_GBuAL9eveoBcbfcxD8R1rAqK_i5hlFbomaHZ71iG99_yxum2YfV-20rKtYOPJQKyLxg3IytBiYS_sxuQc5QAf4gsYROjF7AdBUiWrDauz3sK-e24UL43CbU-CWUV2A-S1m2pgVFjOEAKT7v6vvHHPWlrL2gVS9bIyDGo94vMJaezZvBhXRgiuk45smy34jkyOyRAgHpjDDoi997Vi74ulK20ibIroqn7SfR81eMpoNCpQWgYpCW2YO-VhquGe5aC3gbhOMftDZvUHdJCCXktWJrK_M6u962u-d2x86Zoxeg6UUk95xPBM9oPK7il0OZB1FVsPSuNP1p8GltWHjp7gwh6lQamWBF7HlVikrfHOWWPom5zptubmuiFaXYtN3f1lWzZjWkqCcVNiWOuuImFyfdHgAR3FD-1RJOb3G4bU3W_6GsnvwU9U3UiQqAQ3Pq6hZJklzui3GXfflHqyPCmE7i45jA6vSCxIFfOOq3gvFGZmJ3YK_xrV2FXDOiPCPl28SgCi7z3Mwn4i3JGGVkGInTCPuk5TaWyCieArh2pbJh-Tw5MjcqJy9F0UlL4htKd67Dj0rZAZD6_4Ywmp6y-o3GEyim1UyG2YxHgobI2juikRpKlbZSiLxJYYRokoBdAJEldxU3tIi8tvJKu0CzMSn8cfPhyQHOeSdXG1JUXB3RVtJAR642u1c_vlYPWorXBwyBRxCzHyepPaJZsDjrm21kFRdu0MMO_eELwdYRjVqRa6uMxyatnd2-gv6-BH50nrawsQTD2ORaY45blzf0uba4t6NoHg87BJ2vLAyDaPPR-fRGWJxosfunqFHSTyLeW91Fu_gOyPRC8s_3xFPDsYjo-9zvHOrl6nHZK8_U6boRT5UeW3F4oPt_Q9hvaSxrfuxIkiLfiypQJYuaGe8HQrmwIuvJef_nu3B9dTStQJBElN2mZcUuggB2IIUjjEqsSXa1mSehBtoJSunKSSRM5z57Iy0scslOprV8bHXWdBePjtAOQIDYM-f6-PkHmwpXb0LejsOE1pdLKmOQHPZalnNrglm7y6s9axJSyoRhSLbNdFpny5owMvwZlC6zbalGFBsB8CBOrI-GzhdxygWzDcXVQj_hm_S1aZjrirqmFJ1P4H1r0nZQw-DRKRDjNcvhfF_1m8uwxn1a0dsooOo0jSlN8oJWHisoX4qTCcYF1ikhiVArVeb4TSNPI7oNoT3EAVrdehF4BNf7NmIAHfVrsaErvXOTbGTnJJG1gwtpkSXe7nSBmGGRuI-OVtE8E-XYKn9yUQaBFAh8_8XgwzUCuJOoLmXY0R31SdfvkjggoHrcVQw51urCpWaVWhFuleJaPmVU9sNHYfx8dnHQEQv2oa-SW9-gcXvYWcdNcAd41Bc3gHJ9t_REyb05kerIvkWfV7UbYCuND6DHiqIHNHwqH1rbmQ40jdO5SsEFQGd2ew4zfE353mpL1xLHd0NJeFLUDwTagzXkdwuoSCSIG_T-vgQA_UMKa2r6W8F-IX6IeeNaXjUh7vgGR52dhee5r5-0chAmzQkYlEwxPpM3Vvh_SzZeE9wI7pNvFVX_kZaoE9FzGYuOdc_MflaDRgRIuz822aaq8aqP7n-ymFIolJG7AiVvul2H56KWSqwCR7NiwcCyvJwBIfDZ5oQzTePRAmcB5jQrVpLW_xZ8MXsRtlPkjqaBIePakzlQuT1pRQ-P0BMyw5v217iHeKjZguTFwImR9PfhrySyk3rwZLdesyyEw9mmcMSKlYl7l0FNwIwvbeX-SsQWe08kW5kajaFb3e-Pu2bH0s8mk1uYg1dwB_5ZJuQ1e-yX3029apEFLlPxcDsFREi2X&cid=CAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fofficiallysp.net%2F&ds=l&xdt=1&iif=1&cor=10012990520414462000&adk=1726166463&idt=155&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2734a62ced47951ed230ed3c383757af80f84b079f8f9e66e5ee7de203d983bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42524
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 4EB5 50 KB
19 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d3c4b9fc872ab161dbf116471f949cfd1d731ad434aad32d751c542c993a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:57:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19761
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:57:38 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1898970/77442736/ Frame 4A32 60 KB
15 KB 139ms
56ms Script
application/javascript 108.128.112.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1898970/77442736/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015630378&ias_pubId=pub-1548903334937961&ias_chanId=1&ias_placementId=20903658371&bidurl=https://officiallysp.net/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0ji37WxJXERv6GWFVa_aBaO
Requested by: Host: officiallysp.net
URL: https://officiallysp.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.112.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-112-35.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a7b23b67962956c4e588664f1b1758afb4eda63be983549351204b15035d74b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4A32 111 KB
39 KB 102ms
25ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 21:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Jan 2024 21:44:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 4A32 11 KB
4 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Deicazxt9vOvcHLT1aCrAjGGOXNv8g3kgfRMjY55ltXDMBXKoqiF1pBkjtMzcpA0HggDf0-81OZbBKHZNdwnOrsAoD9uQIYPCYdztNs5lYZjVJi46KRU00oGnRJtcvxCs3jbk4-bDHi3ieixbXTJc2dEubBxzsh6n1OQXZyFI80bDfa267ONUQjmZV06L2zdsGNTeV35QQFjFGj2i2IpXMxGdRIw&dbm_d=AKAmf-AHJ-UzsbxTtvjTBMn67P89hGMOmA5HIbxRwtNryHKwu_HjItGnUw07c1X_lCVs1RfdT4N0Vyj2gYggU6QPITslOnpuyJAia8_w-dlRRCWyKEWLQpT1Tao2R8yS8vJVC8WjQ45d3f2KtELGE10w7BRbUGrGvVX-JVKKqqF7PKEnTbm8PWL2WEHL_CuSQeqcs50_cGKH9yaXne3dbLqDWi3VBrCYUqpzB0EY6pNNxmMYnP4emxpGOERkI30w6nKX0kffySNiUTwEk5fwy17lhr6FQ69gB_pjcGD5PxV9rowDA-4xL4q2bYRiCNSWX7OjMWUrC2p-u1wxkU10pAaR4vvnuPfjS0PaRXBLzf_bg668EJoqKCtzGuI2uOe31uTgC9003jcuCRyC_syL9Gq8wxiNCV9v1Z-cPaqguvoiGq4nAY7AThh7d1iNPZ9oZJisvbRn8AXHnmdOFzegfMh_kY6lhp_LqNu-RZs-dq9Tcai2ncK910navds0dnb74egFyeRMTT5fRFz2LRxTKKnvmsSmVtkp72IFpVnuC3HwYt-Y51K0bZ-HcIRGwiisSQGMfcNG-awgG9TYVMeWIuc6ZBQk1VawOLy8SRDy40z1TNa55eAVWqxxgdaappSGYE39ml_BrFFhq8QqGzPTTACWuyJ-FJGSBnY5V4oHxWo-PfjsQwDPr4xlMsr4Z6k2ywracmJoJBqSbFvuFrQQN7aqWuUuFbVXUjkBTMyeEiWXhRLhKHaNUE1gdJREUbfD52m6qPg2vEQcExoT4Z7RU3EBnanPRgaMBddROs1Zz7IhR2JWcuq32ZA8_XH5DeTcNy1p4rSepkEb0PkT_ON_cIMAHd2VS1TSEmIIuoccytbup0x8qa6Opqbq7q06xGb0o_BuVbwFl0bBbJUgerk4PRSbJ-fyNQc3hQek_kbyY6j8qeSP-rteXVdJV1RACcIhWl2QdzELK5PX4jLT6PNnlpDLzx8F9k7oaDmY_k3759MPg3ikuM-EyAxbC3aI75Gwe40M1sGkutxz58BEuGu-r2zCNZi8VTCBeuddCgkMr5sYaCM_VnzIQNXcdo9Bl21JMgDuBgaOtPjj73au1rghzinOeRS-1DO3STPica1ipx38k154CRL6pU5g_v2HFEERYdmI-fY5SbOZCcqXEws8JU5uIrtcHfOSe_FMxKQZsINMFndv2ZEwDBxZLFbNrOPfrYDZMZ4hR-vhdyB-fe2CR3E4OSpnJJZxXrQfVn4nPtIfW3kq3Kf28wJ6-DMxmhHbo9v7spwJVje1ETNPF3WD6pJ9BSw_nTm39dCkqad5hW356jGgEO87PuqELocV0wtv5rcgfkjtuWWTSaiYdRRIPjUDbYmr1XovI0dsKYXdNYCSu6WvwTcyCdpvzm7QMeThDateLetp6VWmSB1qV4U3KJiYPS3OueGR_OQQp0l4pl1fxEOl5Nw9HMrwPnxyPxIXo9B7x_xyQiuYAMLDEPoThBToJVjhiW0QuW9bf_EJKOQb7lb_5RWBub3TxXKzs0rh06SI68tPVzSVaWbJTaOrAIUzg28-BUVVlosoFOcL6GF74FqAE_yURP5xgoZY-5hoClBuqB3Umj-7ix5ZnQASZHyU-gRJ_9mlcnZzk0WCQijq49_WLy9CvNBUm-mItKzCX9i0H5l_cOJg2shwP5Oc45C0TH-ZLvSDhHOULWTekVQD7r_-EIIRDTsX6tFjlLczqo8qARIh1Gxa61vvqpyIRkenA4D5Qdl7t5u-TgtNV55cGKmBBgM8eEWavjbtQzqANHM7DovIX3VZrnDmASqspfbZBLxCt_6ksMl46fw7LGSdfVJitmbRWiQbKrjSjat6itTHwgSilVnnQkZTFDt208wybycaINltfARejMb7HEL0xsz8Qzrqgr_ydDR9megcrTLP2XX2pSyA1mE0JYpeW9qY3ei_GBuAL9eveoBcbfcxD8R1rAqK_i5hlFbomaHZ71iG99_yxum2YfV-20rKtYOPJQKyLxg3IytBiYS_sxuQc5QAf4gsYROjF7AdBUiWrDauz3sK-e24UL43CbU-CWUV2A-S1m2pgVFjOEAKT7v6vvHHPWlrL2gVS9bIyDGo94vMJaezZvBhXRgiuk45smy34jkyOyRAgHpjDDoi997Vi74ulK20ibIroqn7SfR81eMpoNCpQWgYpCW2YO-VhquGe5aC3gbhOMftDZvUHdJCCXktWJrK_M6u962u-d2x86Zoxeg6UUk95xPBM9oPK7il0OZB1FVsPSuNP1p8GltWHjp7gwh6lQamWBF7HlVikrfHOWWPom5zptubmuiFaXYtN3f1lWzZjWkqCcVNiWOuuImFyfdHgAR3FD-1RJOb3G4bU3W_6GsnvwU9U3UiQqAQ3Pq6hZJklzui3GXfflHqyPCmE7i45jA6vSCxIFfOOq3gvFGZmJ3YK_xrV2FXDOiPCPl28SgCi7z3Mwn4i3JGGVkGInTCPuk5TaWyCieArh2pbJh-Tw5MjcqJy9F0UlL4htKd67Dj0rZAZD6_4Ywmp6y-o3GEyim1UyG2YxHgobI2juikRpKlbZSiLxJYYRokoBdAJEldxU3tIi8tvJKu0CzMSn8cfPhyQHOeSdXG1JUXB3RVtJAR642u1c_vlYPWorXBwyBRxCzHyepPaJZsDjrm21kFRdu0MMO_eELwdYRjVqRa6uMxyatnd2-gv6-BH50nrawsQTD2ORaY45blzf0uba4t6NoHg87BJ2vLAyDaPPR-fRGWJxosfunqFHSTyLeW91Fu_gOyPRC8s_3xFPDsYjo-9zvHOrl6nHZK8_U6boRT5UeW3F4oPt_Q9hvaSxrfuxIkiLfiypQJYuaGe8HQrmwIuvJef_nu3B9dTStQJBElN2mZcUuggB2IIUjjEqsSXa1mSehBtoJSunKSSRM5z57Iy0scslOprV8bHXWdBePjtAOQIDYM-f6-PkHmwpXb0LejsOE1pdLKmOQHPZalnNrglm7y6s9axJSyoRhSLbNdFpny5owMvwZlC6zbalGFBsB8CBOrI-GzhdxygWzDcXVQj_hm_S1aZjrirqmFJ1P4H1r0nZQw-DRKRDjNcvhfF_1m8uwxn1a0dsooOo0jSlN8oJWHisoX4qTCcYF1ikhiVArVeb4TSNPI7oNoT3EAVrdehF4BNf7NmIAHfVrsaErvXOTbGTnJJG1gwtpkSXe7nSBmGGRuI-OVtE8E-XYKn9yUQaBFAh8_8XgwzUCuJOoLmXY0R31SdfvkjggoHrcVQw51urCpWaVWhFuleJaPmVU9sNHYfx8dnHQEQv2oa-SW9-gcXvYWcdNcAd41Bc3gHJ9t_REyb05kerIvkWfV7UbYCuND6DHiqIHNHwqH1rbmQ40jdO5SsEFQGd2ew4zfE353mpL1xLHd0NJeFLUDwTagzXkdwuoSCSIG_T-vgQA_UMKa2r6W8F-IX6IeeNaXjUh7vgGR52dhee5r5-0chAmzQkYlEwxPpM3Vvh_SzZeE9wI7pNvFVX_kZaoE9FzGYuOdc_MflaDRgRIuz822aaq8aqP7n-ymFIolJG7AiVvul2H56KWSqwCR7NiwcCyvJwBIfDZ5oQzTePRAmcB5jQrVpLW_xZ8MXsRtlPkjqaBIePakzlQuT1pRQ-P0BMyw5v217iHeKjZguTFwImR9PfhrySyk3rwZLdesyyEw9mmcMSKlYl7l0FNwIwvbeX-SsQWe08kW5kajaFb3e-Pu2bH0s8mk1uYg1dwB_5ZJuQ1e-yX3029apEFLlPxcDsFREi2X&cid=CAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fofficiallysp.net%2F&ds=l&xdt=1&iif=1&cor=10012990520414462000&adk=1726166463&idt=155&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:52:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 4A32 31 KB
12 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:52:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:52:58 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4A32 41 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 13:49:16 GMT

GET
DATA 200
OK truncated
/ Frame 4A32 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27286bd265f042457f1caa96edac56779a857197efc46c74e5fe135b6810476e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame BD03 41 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ByCj4c9i4IAsOYdn4yg9gDFbT4_jrDN9ZgbD3eiUX0YUCliJE113A8nznfa4SBMbikyFTE0xQEZV7N5CMA9BM3e2ekMmnEQRdNNcOl0l3QBebVjC-WCL2omo0JNwJ5DW9Jzl9QHdhinjvXyZV9CDKvsy-YVsGh-9NM9bJ5TPqkwc6cHLQqT5ZF6UsYhyNK-xw8fYbqF3qsxOKsIT3RxhEjI637Ow&cry=1&dbm_d=AKAmf-Cma52CgYh8vm6n_D0GSe9uJYCw_fWheDy5UuESZvL7zbZOxbKUpV-Tjh7UJJ3E89pcmwMBh5Ik3dzaEC2jX_7LV2NqHqKan0X9VWIPyubCdZHGadamdUbumdiHSxvVitc4nMm7mG3YTEEfrARsFxGc_dkJt1s0Se8OsWi6s0Xfc-m7roAsPbrAdZzMqinUBdlO9fgGlbVMc6ehhUog_WAmg1LR9RXG28jnV_SYIJ_cLwUnCBDoqPnZUV7t0d1tifwAlNrT_Zx63zPkr2sR905wL0O-xy7N_mBvhZqQOU0QbLDQWLrJ6HTSdIa7CCsUnLq0sZUXa4jR544RYvW-KNOjF4lFJFrVgXFsGYTKhy0AItOAH1IB91unxjQZPjL3E9E7zvXrZU7_dsxWOE_MxJ3rbgsVAejgp9KYuIvApXOraQQn63GdAZLFAeLFuKrhAqXFDkVbV3wUWs8iDTozpY_BDFxC52Oy-OaLs1J9Zf7JU6HJC0yRDjwEPyqDOsqP8V9IOT_-mpwWP3CF2o7ImudKIOTvtQ7KOrjaHgG9O0FMm50laBZUTz6CBP4Qi_8QYFSNo4Rei2O-UUC6pOa-wijV05aGuDFNqSh4GncDNNwb_bcVhWiPOmDIh6np5OnkilhY_5g3HQVySiEx7EPh__tbARmSfRmTwVj05ujxC135klom8DuM-VdOhnqsDBH7HbZFcscfP8Ssx8YyisdclIHZNqU3yyr6KHYExNYyj_QVaH6-5dOkzAWQAGVyiHaBuNTja3TdBJYTld7QlLNUVqxPtL-aI1QYw72u3SPVZgo6Sr1suXJSVyx3GpxilR5PDlxmsTiLqReknwbvKsVFT29LlKfMh8jRfMcd1Fz3Q9JYqt730NYWA7yImwC650P6m5XPliQ-_vJwcBWhHhKAniUEhPhqPyX2uT_nKGY8YLV6LTv8Ox7hIx71nBfpuZhsQ_8r6k-GqGMMNNYUZiOuEU7pNKh4TmDy8qAl6HyHf7UvrTw6LD8MtpxFFlJH6qTVOnjHHJVOaS-v9JrkgdvWoQ-c-da5puGKmeU_nWhVyGTXv4i4yFN_x4bDk7QZGd_nfUs174qXiNkeSJxJ2jwmJW6KfPXq8i-uWWqqiFMC7yKdZcL20KcPtML6YbGCi85mzHkhCgyKpBFNwAzWsC-SqloTvnArtts3ZMiBfp2FnRwP2SPpeH5_IW4-dhTowpop2SlCETvadONFA3DFzt1KjovH1nBU-dZmCY1HzbOqKEhw_rOBG7gqw2v8P3hmxkivxMbIGhdXFCHZqp0w4pcyVWrhxIWeKHZ6wzow5zpbvDZCBOmARrg9mJrflDkd0sAZI0nGibM-ZY5_aeQ_58kh6z12UPosNPPozQtWiQajHDmOEVJvmzN05Kzcn2_Vi8EitFu2GMHO9gJgO92pBzdM5rqaAh0MX7U-FNGOVkzUtYDT3D8w40G64e4NbvGQpocW--2Cb97g7aV8ivlNNOH_vjdcHLECCEhqtWcWp7pmXIJx_rzUfPNVfoNLg40miBp26sj0xAkS3fTzq8q6rJgVVRmqkrUgTJH8-VfkeydPDmBUOk55h7nCV6KwqAyXA_N6dLERzIzSaIHc7I8jiV1LBJPiRXf9ZKhMSMNZaN8E2rNdJh1_Q23foQPO6lF2-Eo7efrHWIlt8oBxvuFHMF1q7m7T3FMUvT8-fFtrre5x_7l0YoPx-S4HH98e3wqZdzfD4flvUu5ZLr6bb1NSqTdutiiPnYwihqPhApm5kGvToCeIAyihkAr23dC2qsConBa4rp17Mt0ixMyoXm0MSl_8uHJK0bDv3T87P97nXtSJGpH2tuxbI0HGPRH599Bnb7l7lidkrW0Vtm6tFdynsgS0a0GJTEs9NOPugPf0m3UnO8nfPQxsAn7pNLUl-yMT2zYlkSsQ32zyeDe64hp-FXSD2eeXniv-If9S3atCPFZgVCKCvf2JUuNUgtSq7LQS1TisyWUkpP6rG6uElhXDCwWg_3brUK5oZ6GTi5o-r7MykScLRpMHftcXdE727dAdr794cnij8PcyaCr2YYnWOBnKG9bzLgYoEc5du-gjX9NZbIc0ZC7IZ6wIR0X6e1Kl80-KlNlF2t-j0zJ9OEdAeifGGIgTvA4aISWdRQzJCpwU1D-c3D1d5h74pt75IQ0jhk7NW_KuKiUBmgNKFr97C08cr9NI0mjYsBx3TtPiJjttB27UzoibAJnPd6lA0b4tGvrExGtEcoBLWv9EuRz6qJLInyDnNUmE_PB-v7iyM3gGgRhHxKKaGg4zoZHywc1gLHcex4PDIZ7pUaegHBKV2PDgd78R6if3wJK0IrvyHDtZsE720PtBGf_8MaT7EFACzeNuGkG5LBTNNlN6GA8C9O0Eiw7PN2qBE076cJ9bnDiseEg53T7kW5ObABzXThoNkHSMSPpYilqJxvZaFYcDoyqbIOmAaBjZhJ8pGUa7zSaYfecjDSmgShcQQ1-3Sv6ymzxeBic-VkHw8q8h0wB8CILrXN4D116GUAl5-wkVYcFStf9Txm6XMD1uBQOMDsi4S8aWA0M-iTPAODFE2Lc-gZ2_3wy7EKHUVm6KRIrsRli6ENnEhUU_pcBtQM0975JMSdHNQeMje3R6tMEaUgwm0xRvlDhjL9R-TrsDIc430Q6dANo1q2NiGlACxfmS34JPVr2jN96gfo1p8cSQBUXRDpcpMJ3kCsggGI7kI4YraiaqteC-GAcS62vkPvWArepCQ_f1Flg-9x2hnoEOCdSagT7v7fmbOqP0bnfoSSNTqsTH6rcE5HJZoSfNZ9f0zFVItK6CX-AENliJWIqtcWxL3uZWAClU2Ul7QUOfiQl-EBVZ2L1DicHyaMb0tPMyKYH-OZmVZhk-IJBvVs2DvjrFNYQ4z0fsQxoz9lnMfOGygxlEuZ13XkTYa-hvQ4q_kQKBJffHes7-7EfPUpOH-R3s_OLQ0xc71Cs-unGdI09jjrGP0YeGbsEA3ZYSGSPgvWn7D3a6qZSOejwy_HjZ58cmtI9SaAJhvmNN1LQ5N1lds0OONCMh3FC0ZnQXkKgO1oRJSkaZ84D1L_aAqm0HMAdyvrXJkWwcH1QVxK0sUKa4DU76vJi6yMeFGEscjT5Ifli79EZoDQ0h1_9J2AzjcBuIoIsz3KFi-Wc6M2FVdHMxei7br4zuvCqkx6IammWkgx9tOkhuuXEuCDfX2INviVjmRGC0VcH8ffW84VIV3u4g-w8ik1pCp605BUkcdczRTMV5vYSrojy8qEkdxnBf-f1w-6Ua03zK7X3a19gkOufNkv47j20mShfXaL8PMlWHq17nGuy0OatxtLXEYjfHi2ty5JsG9WDJp7usprelSYQBWoF9KxOBypnfb728POestqRIkqncS-UqVgvC5bEN8VevqideyZEE0ceCAaxKscN8_EOQ5iCuifDp9-Op8Oi3Yrl6mcXsVq6MAsNJbOQd63gF_suFYJvivcc0XPIkYRoPbyzvnfVc2r4TL8T7ZQ6saTOyT92AcuS5bKt-CwjTqu_A4iQ-R0GLFW0usyGFYDBnC_yP1w-EYwnrsHHu5TYA7NCVicsg9zn_zJyoeK802y773IA3_OpI1Ed-LyTnFwt31ooBZZH4Tlc5HgbNJc52zmyiIvhkRPfporV0LL46cOioi18dtUlWfNtuzj0yO7r_sIi0YRSUDR3MgFrrMJ_eGP2n9h1shYRzii12kWGCQwti5j3Dr9vGVeeyeoMOvM6bFlN3bdvHDB5P5E683TYDm9aCnmxRkq-EaI6HCnSf_byb8Ptx_W8nPlDl8A&cid=CAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fofficiallysp.net%2F&ds=l&xdt=1&iif=1&cor=9029329951505650000&adk=497053792&idt=128&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 13:49:16 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDg4NTYzNDEwMzc4MAogIHNlcnZlcl9pcDogMTQ2NTI0ODAyCiAgcHJvY2Vzc19pZDogMjU2NzI5NTQ0MAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame BD03 0
508 B 180ms
52ms Image
image/png 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDg4NTYzNDEwMzc4MAogIHNlcnZlcl9pcDogMTQ2NTI0ODAyCiAgcHJvY2Vzc19pZDogMjU2NzI5NTQ0MAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMjY1NTY3MDU4MTUwNjQ1MzY5NApkZWJ1Z19rZXk6IDc5NzQyMTA4MTQ3MzMxMDQ1NzkKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAxLTEwIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIzMzQxMDYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIwNjI1MwogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x33cb679dc30535c60000000000000000","13":"0xb31899221b993f750000000000000000","14":"0xf3fe301fbc6dbfe00000000000000000","15":"0xb20be8817cb782b90000000000000000"},"debug_key":"7974210814733104579","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"12655670581506453694"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK etoqsikfebn1 Show response
hal9000.redintelligence.net/zone/ Frame BD03 12 KB
4 KB 76ms
37ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/etoqsikfebn1?subid=&gdpr=&gdpr_consent=&rnd=1704885633046658&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClP2lgX2eZcLsApjO_tMPmN-F8Aym5b2gae2NnKfJD_AuEAEgkLfUQmCVgoCAoAfIAQmpAkqBKeZfXLI-qAMByAObBKoE9AFP0FSgFegVrq4-nHDfnYh6HYlgvMUdOABBAKzQWiy9DRB6e5Hq_l-v9i3lf9KGFhoK-vyI7xJk4N6Hwa9DD-p5hnX32MAlBg9ZMfKqeybIhvoQgGhkyJXdKjVvdyAIGsUhlDWjU7Eu3qBai7SIJV_zZKiRIKHVVgUzEpEvep8BY0rAiz2FRae06uCQB3Y7D5MmaJlDSGxgfAF0vduQfTIfk-4PaTzZYQbPpV9wd0Cqx54CvOXzuwSafiAsudjjttuHWvOgbtRDZNedurSO4mWjGiLXFMGOawh8eojv81gNP1N0OHXT4pqdLSt7szT3nq6BxJ4ewATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLnJpPTZ0oMDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ%26sig%3DAOD64_0ME7zparzw5Chql0eK-R5DKk2qQw%26client%3Dca-pub-1548903334937961%26dbm_c%3DAKAmf-A6TfwwqzpadNwFY2m7uLXSUMswQbNOz-TXLgQD5GylyCC6TrJBBJc34nuEWLWRgrTbUmCK0wDtgKoSqMl_rT6Se-UiAlfpdu0CsSxTBCEU7xOQHP19e1l7MjR9618kKmBycupoCDCaJpRwcc4MO31DmZAsz3uW9n2fxacr7o78ZJF3hkvdIKUa6vdg4sVbCI1cJt_qcQ54nx-4O5sifymHEO18hg%26cry%3D1%26dbm_d%3DAKAmf-BNGeVmFRLY-P5Eh3bdmHWR3AeU921okuP8_KLvvptTum--bDumh37VLsngLurpQm6uOu3YA2pmh7niu-RIY86Z2BVhLTexfuLm0zd1iUBkI--xlkaxqeUSPvtPUmwSzTOk18_iieLYd5Qv_lJhokgg7fmKEsqEstzaWpTPBKF8wwmFe9E_5eee94jWhrT40EcnpVNJCfY97jETVeGf5qiBsLXsMOWiS4VK44vUi-jXmEcpjDR4mmGlCGyt0VquWjbuwLK6E7MxY1jMgyug83HOphTFbkz3PLyt9uuHotSuhFyI0EAfudRYDCI21gun4IM6mgF2qZmlDyeYfBCgHAp1hkOxSn651NcQF2XaMY5EjqhYwEkMuQU08XvSFl2kGalabzTViVunu78Nvjss0lQp8EQuUelqXH_3MVyuM5eRuC8ZyaPZw_0Zo4chEHL3AIVrFDOhY-lNO8veDWYhfK1LhM9gKDwUE7fKkR7ZOwYjO0h76lywYSmgzEp6bM9tbHb40ZjBNRvfx-6zH0eXu04a0CL6IwrurGcxedDhERZqqkifTKUYk-xLruCg2kXrQs9mJDW2tGuVZqmdChgz-b6qijntBQ%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 Ahnsbeck, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 2addbb0244fd1aa0534d85f78a5cc86c6f96d8f0d756f67cda9f0b4876ebdf98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 11:20:34 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4237
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7085 41 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DicirFjg6JTBQwQpQENs6FHjC3MvkZ-Gi6g2wie0QGtwhK-YCSuo92xTrPyzVQ_1gk5MUcBq5-9kpoZKvVXsjJs9fW3yNHPqfZJkiVJu5mcz4J1OdRfYMB6-u-Ce4TIS8pIzK_QSmv2q5BMqkd73bRTQl5cz4PcgbJ_dPHihqqa68HD0K_5Vq01gU-5jgAf7FRwOkW-mrZvyvNOMd794PXooni2Q&cry=1&dbm_d=AKAmf-BoxOWC1rTZto7yfOVIrTaigLGFM3IPxsJPbIzdsXnATeNV9GAfjlIjBb-zAdluOV6US-ufRdyrwRXiYTdaPE6xmmOX_Omydrq8Hhs1_un3Y3JXBSJtyEb5EpBWXiEcSJPFrLlwmo7bnBWJ_9f7MQlGV11MkQPIMEjxVxjMHgGwRU5W4MLL_pmzJVi_sIJsu-tOdols4bKw2iUf9W1Qo_At62Vl_KVkqnCj_ZCy5QA9GLDX8jExtUF-pH8_5CU_b0Fen7z-sNSud2-zWvK43BLj9aLJHMj7XwjlLY-UQc9UprXY_--BW9wvxm-Ke6RtG3iooCh6HuWrteUh10g6snQRfEnoE4DCHLM2_JDlHId-TGfnWPoIfWeRaQVxeNRfD7-HfWpBP0Cgfa12IJK_gEs1YsSMiQBruHfNpJomVezXow3sOskcG3jTxZIgpbex3cMPEs5l4OrPi7lWGkIERvUACCm3MbfwiOVrkaw7xHdbnLYsc-D_VDGKBv8F3XA0m_UMTEqY5fLLzzzEUZsrI_I35QRXlaQw5XfekLXXDUQ0YjHP0XFYgS-gZAPG98Upw2huXlGxwZHewxR4OUhoyD-vaZyPAYJh4hmOtjP1e6gtDpzNQGEQaytj6boZLkd5iS8TwFDNm_xUD_jspdf42WA5FZlWNnoWJaYkinhlGGNQ647bZJqvqow1XymZnT0dKWfqT8DAt1GAS0_i6Ni_q-_zIcrrwj4SD98CNXOB_EPClXa8bwvGe4YUA_ZjhLfCeTKf76c8LaPyvnoLxBkkiQtlGrUyPvPruKay8qHXQM6Ogk2qjJk8HOjGA7XzOxNzXFXQZuljEESYn0BmF8cyb9Z-4iFK0onnkCQ82zNRns0Sb-aqJAledeLMyhlPJBz0wO4-2Qy9U8uyKDr9bBJKjlr5s838wWGFAoMWuR9XxgKWm8Fu8527QS_NZZH9gUXD1KjzIVJFw4_frYnVOMlamNIhQMkKJa5Ivz4fbQFABpzMMY2zLP28RBUzjy6tGoohjcv9-PBWkWohvyYMOBz0atXA03XWXXdKsQutLoIRElj2lINzh8LkZYOXnveTEVBoZMEKnRuxAZOgUz6JF5ph6UcrhKnwXRyvU_3cYA4MgIGzoisAKmZtjUNxXfUKpVUJmNT_eqqnmfCJcVh2PVY4SbL5l4k4RjB0bVZG6SV6gacM0qE6ZmKoli1GkgkCZuBFEwuFM0Fy1yCwzKdEuBXKN_lzw5PpN2glQ2diY_Otpm0lX-a7rc4GEc3mrvVF5ThlrT8YPK2PhOpY9wOmm1DRkABJemJJ5EWR2p04xJu4tIFq1HAS7gYA7EtZvL3P6Nvr6uBFY9ZQs67rMhKd5S-zsZsgh8EtQ-dPGk7VIdMfEBwUuzh7bVkfnieVdUDxHWkDnIsxzBxPnN0gGuTmyju5boogun0QfPJHpWE-jeh3G4c7ZexvpJlRS8y3Gx4rYrn5WwTZ1_SZ3fJ2NbEzcNlvT4_-FyOlKZWjDFsI_h6B0an-cwmUIcM2FduM5z-tbDa0eTsmbYHnymAZ7IgnbTvSPc_Bm1vkdzT7d14a2sG8qS-EegLd0XnEes_gmgjJ1ynUKmJ3J2fpXif70E4pTLnAhtodCKujaY9aLuQrcQ1IZFhfB11eihq2RwZNkp2T4mUh5X7MopsUpj0d33IhorRxEZ_GYDBftHOyjeVLYEPiRDVkJc0vXA2ZiIpyNRsWxsZkf0-laMkRT6_YVU9DZcwV-Ju0LckgPojedhVYNbws8FZWvwmyuQHUJwgb5qsZ1IVxitYvGYNzceO4IKI6unjxerT7t07TofjWo47stgGxaAYOI8IlZ89lcE1Os6LCgaYw1huk19vzNQLl_Jx76IF4Y9ReHI1w9nxx_2qY2Rv5BxEOtJVU7OgsKc1wTuxiEcxttA_KjG-dBDXHKzlFtf8DGOp17M2pHr9ccnCzI0QB7UzlalI4-2v9uWZ9RrlvyKFLa4889zyhD7PVJPSnT_ZpUHhcJ8VmKsBbNqMEwYPGRp9LiltlqLdbEXrMPDDHWac_tAEhJwUJew3mEdsbJPs6ZRZVS3S5vZID-tpPx2RNNHCS5r-yuot-3I5fqCBCkGyYu31lfUoFXQYIhwthMBb9qAYdF3RnDW8BK0PXVS4RtF9fMmKXi5SNLps243LxrAs-BsJw12PVpkHV5K1VRY6ZkHzL79QWzCamPNZ1711Yfam4s5Op5_PbwjZ9TDpACNf_O_Mxo9TnqxuS7ZFXsrspiDBMyyCisvw3FZ_GUdxb_4we6GRjJWrvHMZDQeejfTZG2mLhduvCM0Tvnr15ccCe_hASlw51IE9MzbRYLpq4pvnKiICaIHdqcl6Aj8-uvC8QXVl5C6E-Xufs5UIagTk--tEVf3SCng2BTu_y86Q50IoWMGn5Dz5H31kexwBr5c9IiEboNj1hc5Bfg2hFFJqEmHc55WWHD1tJTO4YN9bJniA38WGqaVDMXon3s88r0UC-ujbpFDad62H0OVooHQVLE_57i6MMb8SllIKnX2XJDZ_kBtGlej1Qc-OFJ91B2mHYYHyekjv0uL0AmHOpjTf_vhtHEpWLwXAwXO-Y7LiMz9uMXPLCqqZBC7z06gdz3EFoIK309xgB0lr1-o2eYV6UCOr2Idj64drXc9r7-B4dMnM1ithOU1dUJbLq0B61Xw-aa8XrYXSl8BaI-xu3a-nOwJUuc0d7hPvcG631RQPeKEfm9dsMu7TqJgcWb8bUTnpCQ_1Ch-Iz-GP80J0CsLX0k1x_udAG3GT--gPVvLEN9T5oMgSG4tB1UnD-UYKjh_5k4sQBbB0KGk-s1qi1GBvraK6IjGPnsAOAB2KvfrW4ycclxiyeV_nhVoMXNTMf6zunm-2iP4C8B_wQXjeVQXoHT5pmYDAvDSCsvnNYFsbvgpTXsj_4qR69laLnJEZZLdGkNXgaTPuh1RJ1JC1e51s4Fa_Pt8vzrc8JKuZ7WuIrMdpzFZuTGMy9ze62q33iX0knvYWm0hcRIvA5D0dXn_5Esub48v9D7xFruFKq_RGO5LuRy5S6RtnasAj22ui7clwwYDs0CaLSgElpdnC7epaSQ23rvR3XUK2I4Lut3NJPivyVc7VKMCNldTH7NyG3JZ83Jj8tl_dDNtd8tF7KZI-w3gVBlh2S9mTxDK6IOJgbwy_9D2Ln8uy-gR2PkQrQOH9cfLTomIJXmccBH04SBB_-JPm4wj5aFv1RZ6ny7J47mTWyX9XIkLuLkC_W6hz5RcNdw4dg5ZgtIm7TLFT017ZP2l0Lj68FIFtwS_Z-s2itgqHHxGAhMPZ3BpWJoty-htp8R-NL01iZbzZiMQFeybBiy8iQ0bBxYTAT8r6GY-jGGJZjkpXU7CeGtULqe6hPJbrACanXTyzmOtVf8kcP4HGs_hEXdnC5Oa2iLlE4RJYTg_cHbE3js6qk55_4JRB1t5D4bZcruQ2BH1EcMQtSe4tTMVaGRfynKTNupEFdNhdiKLlcwszGuutMQ-5YnN9wCbRQTEfKe3k6kMnEO1b67jmxUthfM3dRd7Up_0o_Wt9c2_okfN_N0Gx7p7Erqg-jennchU9ahjtk0YUn4VOL4ro9qLfU-EDv-dzI6B3TSnXqm45Gmo3h2anP1doF7OCwlW9h5uQKp1wNHP4WqBctHT1Va-mSPZ0EoKYLSyK936NhOBQxANjnXdsPMloEOK95BDbbTlX4AyxxZcK1m1PFrn6UQ_gMpjNoTPvtgMDRbBuBnYw1HOyccL1blaRqofaT04RplyvJYlm1JpPOnW_Ctr3jNTIDIMYkzg&cid=CAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fofficiallysp.net%2F&ds=l&xdt=1&iif=1&cor=15246741175759147000&adk=1761367584&idt=145&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 13:49:16 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDg4NTYzNDEyOTczNQogIHNlcnZlcl9pcDogMTI2MDY5ODczCiAgcHJvY2Vzc19pZDogOTQwMTY3MzYxCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQz...
ad.doubleclick.net/ddm/activity/ Frame 7085 0
867 B 178ms
52ms Image
image/png 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDg4NTYzNDEyOTczNQogIHNlcnZlcl9pcDogMTI2MDY5ODczCiAgcHJvY2Vzc19pZDogOTQwMTY3MzYxCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQzCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0Igp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDg5NTQ5MzE2Mzg0MDA1OTQ2NjIKZGVidWdfa2V5OiA3OTA4Nzc3MDU0NzU5NDcxNzAxCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMS0xMCIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMzM0MTA2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMDYyNTMKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMi5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x33cb679dc30535c60000000000000000","13":"0xb31899221b993f750000000000000000","14":"0xf3fe301fbc6dbfe00000000000000000","15":"0xb20be8817cb782b90000000000000000"},"debug_key":"7908777054759471701","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"8954931638400594662"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK etoqsikfebn1 Show response
hal9000.redintelligence.net/zone/ Frame 7085 12 KB
4 KB 77ms
40ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/etoqsikfebn1?subid=&gdpr=&gdpr_consent=&rnd=1704885633046659&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgdE2gX2eZcPsApjO_tMPmN-F8Aym5b2gae2NnKfJD_AuEAEgkLfUQmCVgoCAoAfIAQmpAkqBKeZfXLI-qAMByAObBKoE9AFP0AZa3OzPSA1U1LkHrw7J4eLGvY3ZqL2d6v36vHIYJIdIqeJlecGQ9lhpMQxQ73n2Z6om2GQnyqwKPjwm6AFdM_RSK9x3f6Ub3mc3L9l6yGG1P8nSAevlQbyk7TLmmU0S-h0c-VDnWAfXL8ObVb31FzwOwxkHVWPLp2u36U1HbX4MzsYmtzHRbhCWmpiNHIam7W7yNra4GLZ_Vd5aHZ990v9uWsQDJAtNEPSCaCq2AYNGIf26WLawvfwq2ilZYW0wv4J445cGPS5rivvrUoNQuEnxD2DeSsoaGHiQAfrm5jDyXD36OgvWbA8M39DSYyweFn4fwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLnJpPTZ0oMDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ%26sig%3DAOD64_14RiN9QBpisNYXaQzGokRDWImJBQ%26client%3Dca-pub-1548903334937961%26dbm_c%3DAKAmf-DeywdOyoB6zDCgz95qHOh6uSGxXP1HgIzPp30U80tPN4LS8i6h1B5ZYDJeBMSSj9MQ3zlI4-3pxYUKM5H6GfqtmZp7DZqeNGr82y3KVvX9ofSw0QV92YHDK4tky8Ao2kdChYEBhnzhVsmYeJ9Y0Jcwws4DfvKR0iEkEyX7Fr9egFT5PBvMI-ulN0svkCbax9OOoEIs-B8HYHxn7_pQ9-ZYI4fn9w%26cry%3D1%26dbm_d%3DAKAmf-BDe1aTCy5d6U9mlG4KABu1hGtj9QIcAzbDsaHeEnrgB6XDgI7Nt5QomeSk288HDhKFfULEpp4g3sIoXebqD7x2IS_FSTm6vB6pZKn1kdkj4yrsu25XNwBS6Dxx_f-RLB4cnfcGjuvux-UlI0MTxcZE6t_gviT27fFfyRHS1PJp_B45VEkUpFJyXz_nKt6DDHkUsk7JGRo1MNFRzjd4r9jbgEySUB9CNbZhNzznMJRbXA0gbvvtn-ivZ0IX_1g8MxRmkKVCZucCd6ccIlamqk66O2QyJ0qpUxh_QX4EerK5Opnyy1sirgN-KE3yMagzTZtEZ0zy5rMa7EC5T5Iuc3B7XD-cgS26QHvZRfbI-ZauIpjvV41jR8t6QlIVoaxHNzkUixocrHTcDq06PTSMNBiCr4bnnSl9jOpyQ-dIPoINM0-oo099ECLOFCdfcYkiB_aLVvTOXnvhpT9I4eWVfMLvQVmFdPJjybW-WErdfTOet2xnYC06yhsFRf_bqeqnCd7MsQiZWdYOeoW2NAAhfnL-8VPNLw9W3TbK4fZq2JH8Aq9hq3XU9_VbK3WuW6q0kwFiWFhXSAQDLSJ5sgQFdJOnyeQhCQ%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 Ahnsbeck, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 2fbe38e2608353a5f83fa8de24921f2e635491fc388c7b4e512b5eb952c22a05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 11:20:34 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4240
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7C10 38 KB
13 KB 15ms
14ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 75595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 14:20:39 GMT
expires: Wed, 08 Jan 2025 14:20:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B8E5 38 KB
13 KB 15ms
14ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 75595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 14:20:39 GMT
expires: Wed, 08 Jan 2025 14:20:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2F40 38 KB
13 KB 14ms
14ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 75595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 14:20:39 GMT
expires: Wed, 08 Jan 2025 14:20:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C10 39 KB
15 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:06:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 19:06:14 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame B8E5 39 KB
15 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 19:06:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 19:06:14 GMT

GET
H3 200 MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F40 50 KB
19 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d3c4b9fc872ab161dbf116471f949cfd1d731ad434aad32d751c542c993a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:57:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19761
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:57:38 GMT

GET
H/1.1

200
OK

request.php Show response
hal900028.redintelligence.net/ Frame BD03
Redirect Chain

https://hal900028.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=0cedae43ed&subid=&uid=84400c571b7fe41b&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900028.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=0cedae43ed&subid=&uid=84400c571b7fe41b&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

120ms
97ms

Script
application/x-javascript

88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=0cedae43ed&subid=&uid=84400c571b7fe41b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClP2lgX2eZcLsApjO_tMPmN-F8Aym5b2gae2NnKfJD_AuEAEgkLfUQmCVgoCAoAfIAQmpAkqBKeZfXLI-qAMByAObBKoE9AFP0FSgFegVrq4-nHDfnYh6HYlgvMUdOABBAKzQWiy9DRB6e5Hq_l-v9i3lf9KGFhoK-vyI7xJk4N6Hwa9DD-p5hnX32MAlBg9ZMfKqeybIhvoQgGhkyJXdKjVvdyAIGsUhlDWjU7Eu3qBai7SIJV_zZKiRIKHVVgUzEpEvep8BY0rAiz2FRae06uCQB3Y7D5MmaJlDSGxgfAF0vduQfTIfk-4PaTzZYQbPpV9wd0Cqx54CvOXzuwSafiAsudjjttuHWvOgbtRDZNedurSO4mWjGiLXFMGOawh8eojv81gNP1N0OHXT4pqdLSt7szT3nq6BxJ4ewATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLnJpPTZ0oMDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ%26sig%3DAOD64_0ME7zparzw5Chql0eK-R5DKk2qQw%26client%3Dca-pub-1548903334937961%26dbm_c%3DAKAmf-A6TfwwqzpadNwFY2m7uLXSUMswQbNOz-TXLgQD5GylyCC6TrJBBJc34nuEWLWRgrTbUmCK0wDtgKoSqMl_rT6Se-UiAlfpdu0CsSxTBCEU7xOQHP19e1l7MjR9618kKmBycupoCDCaJpRwcc4MO31DmZAsz3uW9n2fxacr7o78ZJF3hkvdIKUa6vdg4sVbCI1cJt_qcQ54nx-4O5sifymHEO18hg%26cry%3D1%26dbm_d%3DAKAmf-BNGeVmFRLY-P5Eh3bdmHWR3AeU921okuP8_KLvvptTum--bDumh37VLsngLurpQm6uOu3YA2pmh7niu-RIY86Z2BVhLTexfuLm0zd1iUBkI--xlkaxqeUSPvtPUmwSzTOk18_iieLYd5Qv_lJhokgg7fmKEsqEstzaWpTPBKF8wwmFe9E_5eee94jWhrT40EcnpVNJCfY97jETVeGf5qiBsLXsMOWiS4VK44vUi-jXmEcpjDR4mmGlCGyt0VquWjbuwLK6E7MxY1jMgyug83HOphTFbkz3PLyt9uuHotSuhFyI0EAfudRYDCI21gun4IM6mgF2qZmlDyeYfBCgHAp1hkOxSn651NcQF2XaMY5EjqhYwEkMuQU08XvSFl2kGalabzTViVunu78Nvjss0lQp8EQuUelqXH_3MVyuM5eRuC8ZyaPZw_0Zo4chEHL3AIVrFDOhY-lNO8veDWYhfK1LhM9gKDwUE7fKkR7ZOwYjO0h76lywYSmgzEp6bM9tbHb40ZjBNRvfx-6zH0eXu04a0CL6IwrurGcxedDhERZqqkifTKUYk-xLruCg2kXrQs9mJDW2tGuVZqmdChgz-b6qijntBQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240108%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-1548903334937961%26fa%3D3%26ifi%3D3%26uci%3Da!3%26btvi%3D1&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fofficiallysp.net&random=7026313656022&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: HTTP/1.1
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 865501ad6009d06fcff73d35c0eeeab866525ef8fbc488f926e97658db0a32ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 11:20:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 13895000073631704444552012565028
Connection: close
Content-Length: 1351
Expires: Wed, 10 Jan 2024 11:20:34 +0100

Redirect headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 11:20:34 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=0cedae43ed&subid=&uid=84400c571b7fe41b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClP2lgX2eZcLsApjO_tMPmN-F8Aym5b2gae2NnKfJD_AuEAEgkLfUQmCVgoCAoAfIAQmpAkqBKeZfXLI-qAMByAObBKoE9AFP0FSgFegVrq4-nHDfnYh6HYlgvMUdOABBAKzQWiy9DRB6e5Hq_l-v9i3lf9KGFhoK-vyI7xJk4N6Hwa9DD-p5hnX32MAlBg9ZMfKqeybIhvoQgGhkyJXdKjVvdyAIGsUhlDWjU7Eu3qBai7SIJV_zZKiRIKHVVgUzEpEvep8BY0rAiz2FRae06uCQB3Y7D5MmaJlDSGxgfAF0vduQfTIfk-4PaTzZYQbPpV9wd0Cqx54CvOXzuwSafiAsudjjttuHWvOgbtRDZNedurSO4mWjGiLXFMGOawh8eojv81gNP1N0OHXT4pqdLSt7szT3nq6BxJ4ewATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLnJpPTZ0oMDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ%26sig%3DAOD64_0ME7zparzw5Chql0eK-R5DKk2qQw%26client%3Dca-pub-1548903334937961%26dbm_c%3DAKAmf-A6TfwwqzpadNwFY2m7uLXSUMswQbNOz-TXLgQD5GylyCC6TrJBBJc34nuEWLWRgrTbUmCK0wDtgKoSqMl_rT6Se-UiAlfpdu0CsSxTBCEU7xOQHP19e1l7MjR9618kKmBycupoCDCaJpRwcc4MO31DmZAsz3uW9n2fxacr7o78ZJF3hkvdIKUa6vdg4sVbCI1cJt_qcQ54nx-4O5sifymHEO18hg%26cry%3D1%26dbm_d%3DAKAmf-BNGeVmFRLY-P5Eh3bdmHWR3AeU921okuP8_KLvvptTum--bDumh37VLsngLurpQm6uOu3YA2pmh7niu-RIY86Z2BVhLTexfuLm0zd1iUBkI--xlkaxqeUSPvtPUmwSzTOk18_iieLYd5Qv_lJhokgg7fmKEsqEstzaWpTPBKF8wwmFe9E_5eee94jWhrT40EcnpVNJCfY97jETVeGf5qiBsLXsMOWiS4VK44vUi-jXmEcpjDR4mmGlCGyt0VquWjbuwLK6E7MxY1jMgyug83HOphTFbkz3PLyt9uuHotSuhFyI0EAfudRYDCI21gun4IM6mgF2qZmlDyeYfBCgHAp1hkOxSn651NcQF2XaMY5EjqhYwEkMuQU08XvSFl2kGalabzTViVunu78Nvjss0lQp8EQuUelqXH_3MVyuM5eRuC8ZyaPZw_0Zo4chEHL3AIVrFDOhY-lNO8veDWYhfK1LhM9gKDwUE7fKkR7ZOwYjO0h76lywYSmgzEp6bM9tbHb40ZjBNRvfx-6zH0eXu04a0CL6IwrurGcxedDhERZqqkifTKUYk-xLruCg2kXrQs9mJDW2tGuVZqmdChgz-b6qijntBQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240108%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-1548903334937961%26fa%3D3%26ifi%3D3%26uci%3Da!3%26btvi%3D1&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fofficiallysp.net&random=7026313656022&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Wed, 10 Jan 2024 11:20:34 +0100

GET
H/1.1

200
OK

request.php Show response
hal900022.redintelligence.net/ Frame 7085
Redirect Chain

https://hal900022.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=c8e49737d4&subid=&uid=89dac85929e66397&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900022.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=c8e49737d4&subid=&uid=89dac85929e66397&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

124ms
101ms

Script
application/x-javascript

144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=c8e49737d4&subid=&uid=89dac85929e66397&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgdE2gX2eZcPsApjO_tMPmN-F8Aym5b2gae2NnKfJD_AuEAEgkLfUQmCVgoCAoAfIAQmpAkqBKeZfXLI-qAMByAObBKoE9AFP0AZa3OzPSA1U1LkHrw7J4eLGvY3ZqL2d6v36vHIYJIdIqeJlecGQ9lhpMQxQ73n2Z6om2GQnyqwKPjwm6AFdM_RSK9x3f6Ub3mc3L9l6yGG1P8nSAevlQbyk7TLmmU0S-h0c-VDnWAfXL8ObVb31FzwOwxkHVWPLp2u36U1HbX4MzsYmtzHRbhCWmpiNHIam7W7yNra4GLZ_Vd5aHZ990v9uWsQDJAtNEPSCaCq2AYNGIf26WLawvfwq2ilZYW0wv4J445cGPS5rivvrUoNQuEnxD2DeSsoaGHiQAfrm5jDyXD36OgvWbA8M39DSYyweFn4fwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLnJpPTZ0oMDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ%26sig%3DAOD64_14RiN9QBpisNYXaQzGokRDWImJBQ%26client%3Dca-pub-1548903334937961%26dbm_c%3DAKAmf-DeywdOyoB6zDCgz95qHOh6uSGxXP1HgIzPp30U80tPN4LS8i6h1B5ZYDJeBMSSj9MQ3zlI4-3pxYUKM5H6GfqtmZp7DZqeNGr82y3KVvX9ofSw0QV92YHDK4tky8Ao2kdChYEBhnzhVsmYeJ9Y0Jcwws4DfvKR0iEkEyX7Fr9egFT5PBvMI-ulN0svkCbax9OOoEIs-B8HYHxn7_pQ9-ZYI4fn9w%26cry%3D1%26dbm_d%3DAKAmf-BDe1aTCy5d6U9mlG4KABu1hGtj9QIcAzbDsaHeEnrgB6XDgI7Nt5QomeSk288HDhKFfULEpp4g3sIoXebqD7x2IS_FSTm6vB6pZKn1kdkj4yrsu25XNwBS6Dxx_f-RLB4cnfcGjuvux-UlI0MTxcZE6t_gviT27fFfyRHS1PJp_B45VEkUpFJyXz_nKt6DDHkUsk7JGRo1MNFRzjd4r9jbgEySUB9CNbZhNzznMJRbXA0gbvvtn-ivZ0IX_1g8MxRmkKVCZucCd6ccIlamqk66O2QyJ0qpUxh_QX4EerK5Opnyy1sirgN-KE3yMagzTZtEZ0zy5rMa7EC5T5Iuc3B7XD-cgS26QHvZRfbI-ZauIpjvV41jR8t6QlIVoaxHNzkUixocrHTcDq06PTSMNBiCr4bnnSl9jOpyQ-dIPoINM0-oo099ECLOFCdfcYkiB_aLVvTOXnvhpT9I4eWVfMLvQVmFdPJjybW-WErdfTOet2xnYC06yhsFRf_bqeqnCd7MsQiZWdYOeoW2NAAhfnL-8VPNLw9W3TbK4fZq2JH8Aq9hq3XU9_VbK3WuW6q0kwFiWFhXSAQDLSJ5sgQFdJOnyeQhCQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240108%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-1548903334937961%26fa%3D4%26ifi%3D4%26uci%3Da!4%26btvi%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fofficiallysp.net&random=9640565029339&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: HTTP/1.1
Server: 144.76.104.53 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: c836957766086ae5306530a240dbbd4a7e16e46581a22df3d8bfa62f29a178fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 11:20:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 11902600070464804444552012565022
Connection: close
Content-Length: 1353
Expires: Wed, 10 Jan 2024 11:20:34 +0100

Redirect headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 11:20:34 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=c8e49737d4&subid=&uid=89dac85929e66397&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgdE2gX2eZcPsApjO_tMPmN-F8Aym5b2gae2NnKfJD_AuEAEgkLfUQmCVgoCAoAfIAQmpAkqBKeZfXLI-qAMByAObBKoE9AFP0AZa3OzPSA1U1LkHrw7J4eLGvY3ZqL2d6v36vHIYJIdIqeJlecGQ9lhpMQxQ73n2Z6om2GQnyqwKPjwm6AFdM_RSK9x3f6Ub3mc3L9l6yGG1P8nSAevlQbyk7TLmmU0S-h0c-VDnWAfXL8ObVb31FzwOwxkHVWPLp2u36U1HbX4MzsYmtzHRbhCWmpiNHIam7W7yNra4GLZ_Vd5aHZ990v9uWsQDJAtNEPSCaCq2AYNGIf26WLawvfwq2ilZYW0wv4J445cGPS5rivvrUoNQuEnxD2DeSsoaGHiQAfrm5jDyXD36OgvWbA8M39DSYyweFn4fwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLnJpPTZ0oMDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ%26sig%3DAOD64_14RiN9QBpisNYXaQzGokRDWImJBQ%26client%3Dca-pub-1548903334937961%26dbm_c%3DAKAmf-DeywdOyoB6zDCgz95qHOh6uSGxXP1HgIzPp30U80tPN4LS8i6h1B5ZYDJeBMSSj9MQ3zlI4-3pxYUKM5H6GfqtmZp7DZqeNGr82y3KVvX9ofSw0QV92YHDK4tky8Ao2kdChYEBhnzhVsmYeJ9Y0Jcwws4DfvKR0iEkEyX7Fr9egFT5PBvMI-ulN0svkCbax9OOoEIs-B8HYHxn7_pQ9-ZYI4fn9w%26cry%3D1%26dbm_d%3DAKAmf-BDe1aTCy5d6U9mlG4KABu1hGtj9QIcAzbDsaHeEnrgB6XDgI7Nt5QomeSk288HDhKFfULEpp4g3sIoXebqD7x2IS_FSTm6vB6pZKn1kdkj4yrsu25XNwBS6Dxx_f-RLB4cnfcGjuvux-UlI0MTxcZE6t_gviT27fFfyRHS1PJp_B45VEkUpFJyXz_nKt6DDHkUsk7JGRo1MNFRzjd4r9jbgEySUB9CNbZhNzznMJRbXA0gbvvtn-ivZ0IX_1g8MxRmkKVCZucCd6ccIlamqk66O2QyJ0qpUxh_QX4EerK5Opnyy1sirgN-KE3yMagzTZtEZ0zy5rMa7EC5T5Iuc3B7XD-cgS26QHvZRfbI-ZauIpjvV41jR8t6QlIVoaxHNzkUixocrHTcDq06PTSMNBiCr4bnnSl9jOpyQ-dIPoINM0-oo099ECLOFCdfcYkiB_aLVvTOXnvhpT9I4eWVfMLvQVmFdPJjybW-WErdfTOet2xnYC06yhsFRf_bqeqnCd7MsQiZWdYOeoW2NAAhfnL-8VPNLw9W3TbK4fZq2JH8Aq9hq3XU9_VbK3WuW6q0kwFiWFhXSAQDLSJ5sgQFdJOnyeQhCQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240108%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-1548903334937961%26fa%3D4%26ifi%3D4%26uci%3Da!4%26btvi%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fofficiallysp.net&random=9640565029339&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Wed, 10 Jan 2024 11:20:34 +0100

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/ Frame FDF7 107 KB
22 KB 46ms
16ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8adb9b85292100b02bcaf8e97b9080e3236a6aad2bb8dc0354bf39e2237ae8aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 87634
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22632
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 11:00:00 GMT
expires: Wed, 08 Jan 2025 11:00:00 GMT
last-modified: Fri, 29 Dec 2023 09:14:41 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4A32 0
0 121ms
59ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJNjLfYbBux_qx08CK6C5p78TgHaWC_Gl284ecPSUojRUahlNXp0NHgMBaJkh1N-MJMHBW-6zryrbGcINDb3tCRsvgwdQA00oHgy55K3InJKsBNEmcPK4jGo9Yc6ECP364hmNLmghgMJQ6-4ZDQzWoBPt30tmV7pWXCuFQoXgclntm9pwvZ1leJiLV-LrFfVbLtadb0iaSnP9R8HdXqIY6uEWDR3EntJ_qLcagnnB3h_ko_4qhy9YqDT1niG2594ociYUrSKZHnqK8pGtn6fJ1LjsI1GkSmtIcaJ6ozXoc0ECT1Y0t17adRswlmILfdqv5pz44vGkyKbumtO87r9cFyIoPsMX5Cgo-a-iIuO9VEGeMdlTYdB77SOirqqmEcCVtby9tATV07-x7Z2hCcchicHKqc2Ova69DCIE1dSXv-9LrmAliLlWeI544mG8aAhvPGB7qn2p_8pKYly5heoIBsEDL1cJCNdWrbs1dRJK7PCISS44__YbeQOkZB6g-XieIAFm9pEYpH1Lorc6er-ENsaSt2fH8acyAc1TmOeUvggSypLUPkDQsPxkRiM2iZ0vTvB2Pb2MO_-Pow5O_F3iiGxb9LWKp4GYLQqSP3Axopc9XL1-wEHlRfhcZaNFGigdhAlW6IxM5iZ16FVWGQVj1u8JKufZ4Tx3cFms9IA3qc1kVQ4E32zQPCWNqjxSvLUx_RBOIb2KVEG6yaqUxOn8E50qvn94s58UEO0zbSxzmQ7TpEEMKU8UrUXX1gvu9LPWzejgCUA-muU_ofqSjIbyde97LojljKkX7m9pO8wCd1l7XxMxfSBXdpQxCsTjY_o-Xybt60f-wH7SUbRbov4E0YbR4UEvRAchxenCs62uM9l3m8ayyaZacNvzcKM1sWrezJxJvqORcZFTgBHnmGoEF2pr9GGDVlbeMqy033fX9N7TSn7tx754cYo7flkVmdQzx1ngq-izGwj6p_PRR1idKAxWgqR1m8rgqVx-9KYoiBwGR5HLRU63dKxTLuV9nlRoDaLIN-ciZ4mgbiYcz87kQyGDbps3FX_xZ5DwXeywbtFU1jM5PWRWSQZvGQnI1ErdNyXRt_wsxBfxzIwC58MzrNBTH4C97C7b0a8B3LZo6BPQkZBIvecLj6DXi-PGph35g_i3KzodOaxDyUbHgU0v8o2pmNWqtaqM14V0uLGQatphsiiqmkiJEbCxIrCZFkC7oYSdBBU-Mwqu2U2H4T1GMWhJu8J74fj54LZRYtsVavKWSqtOngJKGSslsvbEozf_6mdjXKYExHUPegvlbRmu7gDSuQqXYqd7-Ng9REEzOshp8M1jqsasOLkAv5wlWWw&sai=AMfl-YSt6kheKdLYpS8nMUMIkYQU4j-v6iCW40Tp6jIfxygIl7E52-X7rr3yk5avOORLooMzg3AcG66pHyay__vU1vzD6lqov1mJjHWubgiKY048w6PU5N68I_PTN-dNqYt6pMoZAxTF6RCwe6dYoAQpcJQkD2oAKzr7f4zPATBcYl1JFRucrdNNS2X67j99rFsePhfyrJIEauvzbgOqxScn5nxdUWltCH0AHZ8WuN3xFmvddDyZet9nu4ekWTYyjYQ7HclPl39DPmr-nbJcC4kDvYzIOx74PbA0F_th7o2Gg_1Wj9Tz7OM1Z85LBKQIgWO_rco&sig=Cg0ArKJSzP4Yv2iie3aREAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=229&cbvp=1&cstd=227&cisv=r20240108.51778&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 10 Jan 2024 11:20:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 93656
tags.bluekai.com/site/ Frame 4A32 62 B
569 B 203ms
160ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/93656?limit=0&phint=event%3Dimp&phint=aid%3D6531095&phint=cid%3D31200026&phint=crid%3D208226895&phint=pid%3D384394325
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 10 Jan 2024 11:20:34 GMT
content-length: 62
bk-server: d4cc
content-type: image/gif

GET
H2 200 main.19.8.471.js Show response
static.adsafeprotected.com/ Frame 4A32 213 KB
66 KB 38ms
10ms Script
application/javascript 2600:9000:223f:8800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.471.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1898970/77442736/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015630378&ias_pubId=pub-1548903334937961&ias_chanId=1&ias_placementId=20903658371&bidurl=https://officiallysp.net/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0ji37WxJXERv6GWFVa_aBaO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58e41ef286e84d66eb28248ab640b9cae88f4399539c0db756542a9c2970afc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:00:17 GMT
x-amz-version-id: X9sw1Zr8bAUw7F7sDeuDh.4SKpCYb.Kd
content-encoding: gzip
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 134418
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 Jan 2024 20:21:44 GMT
server: AmazonS3
etag: W/"daac96423996349da2447fd453e5f6ab"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: XfOq7cXTUVe66_0SOk5GGHK1IMWpAz3801Du917-TWm2SXZ3JJEOiQ==

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame FDF7 32 KB
11 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41485
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Jan 2024 23:49:09 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 4A32
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1898970/77442736/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015630378&ias_pubId=pub-1548903334937961&ias_chanId=1&ias_placementId=20903658371&bi...
https://static.adsafeprotected.com/skeleton.js?ias_xappb=

17 B
463 B

8ms
8ms

Script
application/javascript

2600:9000:223f:8800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js?ias_xappb=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 2600:9000:223f:8800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 03:21:19 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 9100756
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: -ergsWJ5rjWzbi6jwyuZnNYONtSuia-E43-Ga_iyDQYFyoz4IaGZPQ==

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
server: nginx
x-server-name: app14.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame FCF7 91 KB
23 KB 11ms
10ms Script
application/javascript 2600:9000:223f:8800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 9630684
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 3zpf-2rK-IG9u5bJH96DoXvBtZb34wOTy2X7f4TlG5ZynsNisMUzlg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4A32 43 B
216 B 533ms
174ms Image
image/gif 2600:1f13:800:7780:2a52:f7b8:c3aa:b2c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1898970&asId=bf2eb816-013e-0e04-cb26-77aa954d19ca&tv=%7Bc:TDaLD,pingTime:-3,time:157,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:127%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:157,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:126,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0Xsnpi+11%7C12%7C1311%7C1411%7C1412%7C1511%7C15121%7C161*.1898970-77442736%7C1611%7C1612%7C1613,idMap:161*,rmeas:1,rend:0,renddet:na,siq:128%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:2a52:f7b8:c3aa:b2c1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:35 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4A32 43 B
215 B 531ms
174ms Image
image/gif 2600:1f13:800:7780:2a52:f7b8:c3aa:b2c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1898970&asId=bf2eb816-013e-0e04-cb26-77aa954d19ca&tv=%7Bc:TDaLE,pingTime:-6,time:158,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:158,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:126,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B42~0%5D,as:%5B42~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0Xsnpi+11%7C12%7C1311%7C1411%7C1412%7C1511%7C15121%7C161*.1898970-77442736%7C1611%7C1612%7C1613,idMap:161*,rmeas:1,rend:0,renddet:na,siq:128%7D&tpiLookup=ao:officiallysp.net*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:2a52:f7b8:c3aa:b2c1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:35 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4A32 0
0 53ms
52ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJNjLfYbBux_qx08CK6C5p78TgHaWC_Gl284ecPSUojRUahlNXp0NHgMBaJkh1N-MJMHBW-6zryrbGcINDb3tCRsvgwdQA00oHgy55K3InJKsBNEmcPK4jGo9Yc6ECP364hmNLmghgMJQ6-4ZDQzWoBPt30tmV7pWXCuFQoXgclntm9pwvZ1leJiLV-LrFfVbLtadb0iaSnP9R8HdXqIY6uEWDR3EntJ_qLcagnnB3h_ko_4qhy9YqDT1niG2594ociYUrSKZHnqK8pGtn6fJ1LjsI1GkSmtIcaJ6ozXoc0ECT1Y0t17adRswlmILfdqv5pz44vGkyKbumtO87r9cFyIoPsMX5Cgo-a-iIuO9VEGeMdlTYdB77SOirqqmEcCVtby9tATV07-x7Z2hCcchicHKqc2Ova69DCIE1dSXv-9LrmAliLlWeI544mG8aAhvPGB7qn2p_8pKYly5heoIBsEDL1cJCNdWrbs1dRJK7PCISS44__YbeQOkZB6g-XieIAFm9pEYpH1Lorc6er-ENsaSt2fH8acyAc1TmOeUvggSypLUPkDQsPxkRiM2iZ0vTvB2Pb2MO_-Pow5O_F3iiGxb9LWKp4GYLQqSP3Axopc9XL1-wEHlRfhcZaNFGigdhAlW6IxM5iZ16FVWGQVj1u8JKufZ4Tx3cFms9IA3qc1kVQ4E32zQPCWNqjxSvLUx_RBOIb2KVEG6yaqUxOn8E50qvn94s58UEO0zbSxzmQ7TpEEMKU8UrUXX1gvu9LPWzejgCUA-muU_ofqSjIbyde97LojljKkX7m9pO8wCd1l7XxMxfSBXdpQxCsTjY_o-Xybt60f-wH7SUbRbov4E0YbR4UEvRAchxenCs62uM9l3m8ayyaZacNvzcKM1sWrezJxJvqORcZFTgBHnmGoEF2pr9GGDVlbeMqy033fX9N7TSn7tx754cYo7flkVmdQzx1ngq-izGwj6p_PRR1idKAxWgqR1m8rgqVx-9KYoiBwGR5HLRU63dKxTLuV9nlRoDaLIN-ciZ4mgbiYcz87kQyGDbps3FX_xZ5DwXeywbtFU1jM5PWRWSQZvGQnI1ErdNyXRt_wsxBfxzIwC58MzrNBTH4C97C7b0a8B3LZo6BPQkZBIvecLj6DXi-PGph35g_i3KzodOaxDyUbHgU0v8o2pmNWqtaqM14V0uLGQatphsiiqmkiJEbCxIrCZFkC7oYSdBBU-Mwqu2U2H4T1GMWhJu8J74fj54LZRYtsVavKWSqtOngJKGSslsvbEozf_6mdjXKYExHUPegvlbRmu7gDSuQqXYqd7-Ng9REEzOshp8M1jqsasOLkAv5wlWWw&sai=AMfl-YSt6kheKdLYpS8nMUMIkYQU4j-v6iCW40Tp6jIfxygIl7E52-X7rr3yk5avOORLooMzg3AcG66pHyay__vU1vzD6lqov1mJjHWubgiKY048w6PU5N68I_PTN-dNqYt6pMoZAxTF6RCwe6dYoAQpcJQkD2oAKzr7f4zPATBcYl1JFRucrdNNS2X67j99rFsePhfyrJIEauvzbgOqxScn5nxdUWltCH0AHZ8WuN3xFmvddDyZet9nu4ekWTYyjYQ7HclPl39DPmr-nbJcC4kDvYzIOx74PbA0F_th7o2Gg_1Wj9Tz7OM1Z85LBKQIgWO_rco&sig=Cg0ArKJSzP4Yv2iie3aREAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=397&vt=11&dtpt=168&dett=3&cstd=227&cisv=r20240108.51778&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: officiallysp.net
URL: https://officiallysp.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C10 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BQ6Wwgn2eZanbC83UjuwP7OCpUAAAAAA4AeAEAg&bg=!Q0ClQA_NAAaumcC-jpk7ADQBe5WfOOPyleV_td59m8CBzrplZXrhyCphJ_zwPDSpkK1Is2_UEjs1TXBoJ43FW47qdUfpAgAAALtSAAAAAmgBBwoAPbAnEYh5pwhx8yZoqR5mVOr6xV4ub9Z7kZprAyfd2uwzM1HuKcFyI92RQBx95pVbySoC_ZJFcaHJ9JBalP2ZAwPq6QNpX3i1GO-9lS9bleHDh-LzcxeqomQEXgsjlm_qYPuAcrK_8IKPiP8CJNoFfwC4-q7wZGKICxiw_PF_WtdfhoVLCJrS2OYrbj5BSd8CZoczCCIqVsQ41IQQMHKzYsRIWflt2OWFcv4b-kXYt4SustDrtAAQIHw0XxEIpGeBIOfrAop0xzcbhG-E0lUDv710WlU5cmHhzPbex0Drm3lngVz_BNxJPCNTUjXZIU2MZzw5f4y25SdOgkCPapNk2zL1jcEuRLK7Kk8eS02Y2xORhi_uKi1rAee83pxN6O5aL6gfBFWp1qxzVDC9x-lHHOxcTggF9PZlTUjMV2Vo04MGGG5yDucsgRh_9cC4zQeSJwWFoYVvHJxAhD28ZXOU8VjVFAvdYyWTXQOlBx8z6I8wrbCiFAZMl7566OIukM3Zv60LChlyFdbYsSkHhxj8tSyyZqq_81VZjpXGl_YrnNiujz7qoUOGf-O0Z-KmDmld1YGBP_bN330Lftl7dmkFK1Rh_lM1TPUVq-NHYDokcneoC_ghB27CerT3l86PHpq5dIgB-9X2izyLR4TeXpfOmRh5P5AhmKSEt_6Czs5V4ePUGyfjm2I3GHyhmCfTn379l0PfOj6nyNIy9CxGAIfWg6Fw4OSqyRGozwcwkXbPW3pjqBDSBsbGBatzef4V-PE8oR1WfMcv5XaUIaQJcLDk8miDi6ZaFiICPGXHtc1i0wnnm6JLdhPfn9SKhDm269iUFJbenLOPsgUWXqJNH0VNi4pZkW8oc6Mi7Nd3dLKF5rI1mI5aVY0tzCq5F3yrNsR_so2VAH55lJJLoAsfl-D_V3zIOWdfxTg79eWaFp9nRgQaIBFQNm9vn6a8iGNd8ZY0I8WCKyAoXjAgdQwj9scK4YyWwv4ZI5WzI3Uy4db16BaNwVN4HNoUUBtZDj4AaiAnHW5D8drxtWc1icT24AKSW2gHv3ApQXktl21PU43gwN9qfXcyHPTrFbKLVWos9IhquJXevaEoEWz5-lbxI0VZ27mdplc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 504E 0
327 B 3395ms
35ms Document
application/javascript 91.121.248.44

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=13895000073631704444552012565028&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=0cedae43ed&subid=&uid=84400c571b7fe41b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClP2lgX2eZcLsApjO_tMPmN-F8Aym5b2gae2NnKfJD_AuEAEgkLfUQmCVgoCAoAfIAQmpAkqBKeZfXLI-qAMByAObBKoE9AFP0FSgFegVrq4-nHDfnYh6HYlgvMUdOABBAKzQWiy9DRB6e5Hq_l-v9i3lf9KGFhoK-vyI7xJk4N6Hwa9DD-p5hnX32MAlBg9ZMfKqeybIhvoQgGhkyJXdKjVvdyAIGsUhlDWjU7Eu3qBai7SIJV_zZKiRIKHVVgUzEpEvep8BY0rAiz2FRae06uCQB3Y7D5MmaJlDSGxgfAF0vduQfTIfk-4PaTzZYQbPpV9wd0Cqx54CvOXzuwSafiAsudjjttuHWvOgbtRDZNedurSO4mWjGiLXFMGOawh8eojv81gNP1N0OHXT4pqdLSt7szT3nq6BxJ4ewATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLnJpPTZ0oMDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ%26sig%3DAOD64_0ME7zparzw5Chql0eK-R5DKk2qQw%26client%3Dca-pub-1548903334937961%26dbm_c%3DAKAmf-A6TfwwqzpadNwFY2m7uLXSUMswQbNOz-TXLgQD5GylyCC6TrJBBJc34nuEWLWRgrTbUmCK0wDtgKoSqMl_rT6Se-UiAlfpdu0CsSxTBCEU7xOQHP19e1l7MjR9618kKmBycupoCDCaJpRwcc4MO31DmZAsz3uW9n2fxacr7o78ZJF3hkvdIKUa6vdg4sVbCI1cJt_qcQ54nx-4O5sifymHEO18hg%26cry%3D1%26dbm_d%3DAKAmf-BNGeVmFRLY-P5Eh3bdmHWR3AeU921okuP8_KLvvptTum--bDumh37VLsngLurpQm6uOu3YA2pmh7niu-RIY86Z2BVhLTexfuLm0zd1iUBkI--xlkaxqeUSPvtPUmwSzTOk18_iieLYd5Qv_lJhokgg7fmKEsqEstzaWpTPBKF8wwmFe9E_5eee94jWhrT40EcnpVNJCfY97jETVeGf5qiBsLXsMOWiS4VK44vUi-jXmEcpjDR4mmGlCGyt0VquWjbuwLK6E7MxY1jMgyug83HOphTFbkz3PLyt9uuHotSuhFyI0EAfudRYDCI21gun4IM6mgF2qZmlDyeYfBCgHAp1hkOxSn651NcQF2XaMY5EjqhYwEkMuQU08XvSFl2kGalabzTViVunu78Nvjss0lQp8EQuUelqXH_3MVyuM5eRuC8ZyaPZw_0Zo4chEHL3AIVrFDOhY-lNO8veDWYhfK1LhM9gKDwUE7fKkR7ZOwYjO0h76lywYSmgzEp6bM9tbHb40ZjBNRvfx-6zH0eXu04a0CL6IwrurGcxedDhERZqqkifTKUYk-xLruCg2kXrQs9mJDW2tGuVZqmdChgz-b6qijntBQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240108%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-1548903334937961%26fa%3D3%26ifi%3D3%26uci%3Da!3%26btvi%3D1&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fofficiallysp.net&random=7026313656022&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Wed, 10 Jan 2024 11:20:38 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2 200 / Show response
adv.office-partner.de/ Frame 79F5 930 B
923 B 40ms
9ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=0cedae43ed&subid=&uid=84400c571b7fe41b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClP2lgX2eZcLsApjO_tMPmN-F8Aym5b2gae2NnKfJD_AuEAEgkLfUQmCVgoCAoAfIAQmpAkqBKeZfXLI-qAMByAObBKoE9AFP0FSgFegVrq4-nHDfnYh6HYlgvMUdOABBAKzQWiy9DRB6e5Hq_l-v9i3lf9KGFhoK-vyI7xJk4N6Hwa9DD-p5hnX32MAlBg9ZMfKqeybIhvoQgGhkyJXdKjVvdyAIGsUhlDWjU7Eu3qBai7SIJV_zZKiRIKHVVgUzEpEvep8BY0rAiz2FRae06uCQB3Y7D5MmaJlDSGxgfAF0vduQfTIfk-4PaTzZYQbPpV9wd0Cqx54CvOXzuwSafiAsudjjttuHWvOgbtRDZNedurSO4mWjGiLXFMGOawh8eojv81gNP1N0OHXT4pqdLSt7szT3nq6BxJ4ewATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLnJpPTZ0oMDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ%26sig%3DAOD64_0ME7zparzw5Chql0eK-R5DKk2qQw%26client%3Dca-pub-1548903334937961%26dbm_c%3DAKAmf-A6TfwwqzpadNwFY2m7uLXSUMswQbNOz-TXLgQD5GylyCC6TrJBBJc34nuEWLWRgrTbUmCK0wDtgKoSqMl_rT6Se-UiAlfpdu0CsSxTBCEU7xOQHP19e1l7MjR9618kKmBycupoCDCaJpRwcc4MO31DmZAsz3uW9n2fxacr7o78ZJF3hkvdIKUa6vdg4sVbCI1cJt_qcQ54nx-4O5sifymHEO18hg%26cry%3D1%26dbm_d%3DAKAmf-BNGeVmFRLY-P5Eh3bdmHWR3AeU921okuP8_KLvvptTum--bDumh37VLsngLurpQm6uOu3YA2pmh7niu-RIY86Z2BVhLTexfuLm0zd1iUBkI--xlkaxqeUSPvtPUmwSzTOk18_iieLYd5Qv_lJhokgg7fmKEsqEstzaWpTPBKF8wwmFe9E_5eee94jWhrT40EcnpVNJCfY97jETVeGf5qiBsLXsMOWiS4VK44vUi-jXmEcpjDR4mmGlCGyt0VquWjbuwLK6E7MxY1jMgyug83HOphTFbkz3PLyt9uuHotSuhFyI0EAfudRYDCI21gun4IM6mgF2qZmlDyeYfBCgHAp1hkOxSn651NcQF2XaMY5EjqhYwEkMuQU08XvSFl2kGalabzTViVunu78Nvjss0lQp8EQuUelqXH_3MVyuM5eRuC8ZyaPZw_0Zo4chEHL3AIVrFDOhY-lNO8veDWYhfK1LhM9gKDwUE7fKkR7ZOwYjO0h76lywYSmgzEp6bM9tbHb40ZjBNRvfx-6zH0eXu04a0CL6IwrurGcxedDhERZqqkifTKUYk-xLruCg2kXrQs9mJDW2tGuVZqmdChgz-b6qijntBQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240108%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-1548903334937961%26fa%3D3%26ifi%3D3%26uci%3Da!3%26btvi%3D1&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fofficiallysp.net&random=7026313656022&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Wed, 10 Jan 2024 11:20:34 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Wed, 17 Jan 2024 11:20:34 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame BD03 0
326 B 3395ms
36ms Script
application/javascript 91.121.248.44

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=13895000073631704444552012565028&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=0cedae43ed&subid=&uid=84400c571b7fe41b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClP2lgX2eZcLsApjO_tMPmN-F8Aym5b2gae2NnKfJD_AuEAEgkLfUQmCVgoCAoAfIAQmpAkqBKeZfXLI-qAMByAObBKoE9AFP0FSgFegVrq4-nHDfnYh6HYlgvMUdOABBAKzQWiy9DRB6e5Hq_l-v9i3lf9KGFhoK-vyI7xJk4N6Hwa9DD-p5hnX32MAlBg9ZMfKqeybIhvoQgGhkyJXdKjVvdyAIGsUhlDWjU7Eu3qBai7SIJV_zZKiRIKHVVgUzEpEvep8BY0rAiz2FRae06uCQB3Y7D5MmaJlDSGxgfAF0vduQfTIfk-4PaTzZYQbPpV9wd0Cqx54CvOXzuwSafiAsudjjttuHWvOgbtRDZNedurSO4mWjGiLXFMGOawh8eojv81gNP1N0OHXT4pqdLSt7szT3nq6BxJ4ewATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLnJpPTZ0oMDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ%26sig%3DAOD64_0ME7zparzw5Chql0eK-R5DKk2qQw%26client%3Dca-pub-1548903334937961%26dbm_c%3DAKAmf-A6TfwwqzpadNwFY2m7uLXSUMswQbNOz-TXLgQD5GylyCC6TrJBBJc34nuEWLWRgrTbUmCK0wDtgKoSqMl_rT6Se-UiAlfpdu0CsSxTBCEU7xOQHP19e1l7MjR9618kKmBycupoCDCaJpRwcc4MO31DmZAsz3uW9n2fxacr7o78ZJF3hkvdIKUa6vdg4sVbCI1cJt_qcQ54nx-4O5sifymHEO18hg%26cry%3D1%26dbm_d%3DAKAmf-BNGeVmFRLY-P5Eh3bdmHWR3AeU921okuP8_KLvvptTum--bDumh37VLsngLurpQm6uOu3YA2pmh7niu-RIY86Z2BVhLTexfuLm0zd1iUBkI--xlkaxqeUSPvtPUmwSzTOk18_iieLYd5Qv_lJhokgg7fmKEsqEstzaWpTPBKF8wwmFe9E_5eee94jWhrT40EcnpVNJCfY97jETVeGf5qiBsLXsMOWiS4VK44vUi-jXmEcpjDR4mmGlCGyt0VquWjbuwLK6E7MxY1jMgyug83HOphTFbkz3PLyt9uuHotSuhFyI0EAfudRYDCI21gun4IM6mgF2qZmlDyeYfBCgHAp1hkOxSn651NcQF2XaMY5EjqhYwEkMuQU08XvSFl2kGalabzTViVunu78Nvjss0lQp8EQuUelqXH_3MVyuM5eRuC8ZyaPZw_0Zo4chEHL3AIVrFDOhY-lNO8veDWYhfK1LhM9gKDwUE7fKkR7ZOwYjO0h76lywYSmgzEp6bM9tbHb40ZjBNRvfx-6zH0eXu04a0CL6IwrurGcxedDhERZqqkifTKUYk-xLruCg2kXrQs9mJDW2tGuVZqmdChgz-b6qijntBQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240108%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-1548903334937961%26fa%3D3%26ifi%3D3%26uci%3Da!3%26btvi%3D1&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fofficiallysp.net&random=7026313656022&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:38 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame BD03 43 B
360 B 3401ms
42ms Image
image/gif 91.121.248.44

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=13895000073631704444552012565028&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=0cedae43ed&subid=&uid=84400c571b7fe41b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClP2lgX2eZcLsApjO_tMPmN-F8Aym5b2gae2NnKfJD_AuEAEgkLfUQmCVgoCAoAfIAQmpAkqBKeZfXLI-qAMByAObBKoE9AFP0FSgFegVrq4-nHDfnYh6HYlgvMUdOABBAKzQWiy9DRB6e5Hq_l-v9i3lf9KGFhoK-vyI7xJk4N6Hwa9DD-p5hnX32MAlBg9ZMfKqeybIhvoQgGhkyJXdKjVvdyAIGsUhlDWjU7Eu3qBai7SIJV_zZKiRIKHVVgUzEpEvep8BY0rAiz2FRae06uCQB3Y7D5MmaJlDSGxgfAF0vduQfTIfk-4PaTzZYQbPpV9wd0Cqx54CvOXzuwSafiAsudjjttuHWvOgbtRDZNedurSO4mWjGiLXFMGOawh8eojv81gNP1N0OHXT4pqdLSt7szT3nq6BxJ4ewATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLnJpPTZ0oMDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ%26sig%3DAOD64_0ME7zparzw5Chql0eK-R5DKk2qQw%26client%3Dca-pub-1548903334937961%26dbm_c%3DAKAmf-A6TfwwqzpadNwFY2m7uLXSUMswQbNOz-TXLgQD5GylyCC6TrJBBJc34nuEWLWRgrTbUmCK0wDtgKoSqMl_rT6Se-UiAlfpdu0CsSxTBCEU7xOQHP19e1l7MjR9618kKmBycupoCDCaJpRwcc4MO31DmZAsz3uW9n2fxacr7o78ZJF3hkvdIKUa6vdg4sVbCI1cJt_qcQ54nx-4O5sifymHEO18hg%26cry%3D1%26dbm_d%3DAKAmf-BNGeVmFRLY-P5Eh3bdmHWR3AeU921okuP8_KLvvptTum--bDumh37VLsngLurpQm6uOu3YA2pmh7niu-RIY86Z2BVhLTexfuLm0zd1iUBkI--xlkaxqeUSPvtPUmwSzTOk18_iieLYd5Qv_lJhokgg7fmKEsqEstzaWpTPBKF8wwmFe9E_5eee94jWhrT40EcnpVNJCfY97jETVeGf5qiBsLXsMOWiS4VK44vUi-jXmEcpjDR4mmGlCGyt0VquWjbuwLK6E7MxY1jMgyug83HOphTFbkz3PLyt9uuHotSuhFyI0EAfudRYDCI21gun4IM6mgF2qZmlDyeYfBCgHAp1hkOxSn651NcQF2XaMY5EjqhYwEkMuQU08XvSFl2kGalabzTViVunu78Nvjss0lQp8EQuUelqXH_3MVyuM5eRuC8ZyaPZw_0Zo4chEHL3AIVrFDOhY-lNO8veDWYhfK1LhM9gKDwUE7fKkR7ZOwYjO0h76lywYSmgzEp6bM9tbHb40ZjBNRvfx-6zH0eXu04a0CL6IwrurGcxedDhERZqqkifTKUYk-xLruCg2kXrQs9mJDW2tGuVZqmdChgz-b6qijntBQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240108%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-1548903334937961%26fa%3D3%26ifi%3D3%26uci%3Da!3%26btvi%3D1&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fofficiallysp.net&random=7026313656022&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:38 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame BD03 43 B
705 B 109ms
64ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=13895000073631704444552012565028&pv=1

Requested by

Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=0cedae43ed&subid=&uid=84400c571b7fe41b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DClP2lgX2eZcLsApjO_tMPmN-F8Aym5b2gae2NnKfJD_AuEAEgkLfUQmCVgoCAoAfIAQmpAkqBKeZfXLI-qAMByAObBKoE9AFP0FSgFegVrq4-nHDfnYh6HYlgvMUdOABBAKzQWiy9DRB6e5Hq_l-v9i3lf9KGFhoK-vyI7xJk4N6Hwa9DD-p5hnX32MAlBg9ZMfKqeybIhvoQgGhkyJXdKjVvdyAIGsUhlDWjU7Eu3qBai7SIJV_zZKiRIKHVVgUzEpEvep8BY0rAiz2FRae06uCQB3Y7D5MmaJlDSGxgfAF0vduQfTIfk-4PaTzZYQbPpV9wd0Cqx54CvOXzuwSafiAsudjjttuHWvOgbtRDZNedurSO4mWjGiLXFMGOawh8eojv81gNP1N0OHXT4pqdLSt7szT3nq6BxJ4ewATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLnJpPTZ0oMDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ%26sig%3DAOD64_0ME7zparzw5Chql0eK-R5DKk2qQw%26client%3Dca-pub-1548903334937961%26dbm_c%3DAKAmf-A6TfwwqzpadNwFY2m7uLXSUMswQbNOz-TXLgQD5GylyCC6TrJBBJc34nuEWLWRgrTbUmCK0wDtgKoSqMl_rT6Se-UiAlfpdu0CsSxTBCEU7xOQHP19e1l7MjR9618kKmBycupoCDCaJpRwcc4MO31DmZAsz3uW9n2fxacr7o78ZJF3hkvdIKUa6vdg4sVbCI1cJt_qcQ54nx-4O5sifymHEO18hg%26cry%3D1%26dbm_d%3DAKAmf-BNGeVmFRLY-P5Eh3bdmHWR3AeU921okuP8_KLvvptTum--bDumh37VLsngLurpQm6uOu3YA2pmh7niu-RIY86Z2BVhLTexfuLm0zd1iUBkI--xlkaxqeUSPvtPUmwSzTOk18_iieLYd5Qv_lJhokgg7fmKEsqEstzaWpTPBKF8wwmFe9E_5eee94jWhrT40EcnpVNJCfY97jETVeGf5qiBsLXsMOWiS4VK44vUi-jXmEcpjDR4mmGlCGyt0VquWjbuwLK6E7MxY1jMgyug83HOphTFbkz3PLyt9uuHotSuhFyI0EAfudRYDCI21gun4IM6mgF2qZmlDyeYfBCgHAp1hkOxSn651NcQF2XaMY5EjqhYwEkMuQU08XvSFl2kGalabzTViVunu78Nvjss0lQp8EQuUelqXH_3MVyuM5eRuC8ZyaPZw_0Zo4chEHL3AIVrFDOhY-lNO8veDWYhfK1LhM9gKDwUE7fKkR7ZOwYjO0h76lywYSmgzEp6bM9tbHb40ZjBNRvfx-6zH0eXu04a0CL6IwrurGcxedDhERZqqkifTKUYk-xLruCg2kXrQs9mJDW2tGuVZqmdChgz-b6qijntBQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240108%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-1548903334937961%26fa%3D3%26ifi%3D3%26uci%3Da!3%26btvi%3D1&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fofficiallysp.net&random=7026313656022&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 11:20:34 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 06E3 0
326 B 3393ms
36ms Document
application/javascript 91.121.248.44

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=11902600070464804444552012565022&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=c8e49737d4&subid=&uid=89dac85929e66397&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgdE2gX2eZcPsApjO_tMPmN-F8Aym5b2gae2NnKfJD_AuEAEgkLfUQmCVgoCAoAfIAQmpAkqBKeZfXLI-qAMByAObBKoE9AFP0AZa3OzPSA1U1LkHrw7J4eLGvY3ZqL2d6v36vHIYJIdIqeJlecGQ9lhpMQxQ73n2Z6om2GQnyqwKPjwm6AFdM_RSK9x3f6Ub3mc3L9l6yGG1P8nSAevlQbyk7TLmmU0S-h0c-VDnWAfXL8ObVb31FzwOwxkHVWPLp2u36U1HbX4MzsYmtzHRbhCWmpiNHIam7W7yNra4GLZ_Vd5aHZ990v9uWsQDJAtNEPSCaCq2AYNGIf26WLawvfwq2ilZYW0wv4J445cGPS5rivvrUoNQuEnxD2DeSsoaGHiQAfrm5jDyXD36OgvWbA8M39DSYyweFn4fwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLnJpPTZ0oMDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ%26sig%3DAOD64_14RiN9QBpisNYXaQzGokRDWImJBQ%26client%3Dca-pub-1548903334937961%26dbm_c%3DAKAmf-DeywdOyoB6zDCgz95qHOh6uSGxXP1HgIzPp30U80tPN4LS8i6h1B5ZYDJeBMSSj9MQ3zlI4-3pxYUKM5H6GfqtmZp7DZqeNGr82y3KVvX9ofSw0QV92YHDK4tky8Ao2kdChYEBhnzhVsmYeJ9Y0Jcwws4DfvKR0iEkEyX7Fr9egFT5PBvMI-ulN0svkCbax9OOoEIs-B8HYHxn7_pQ9-ZYI4fn9w%26cry%3D1%26dbm_d%3DAKAmf-BDe1aTCy5d6U9mlG4KABu1hGtj9QIcAzbDsaHeEnrgB6XDgI7Nt5QomeSk288HDhKFfULEpp4g3sIoXebqD7x2IS_FSTm6vB6pZKn1kdkj4yrsu25XNwBS6Dxx_f-RLB4cnfcGjuvux-UlI0MTxcZE6t_gviT27fFfyRHS1PJp_B45VEkUpFJyXz_nKt6DDHkUsk7JGRo1MNFRzjd4r9jbgEySUB9CNbZhNzznMJRbXA0gbvvtn-ivZ0IX_1g8MxRmkKVCZucCd6ccIlamqk66O2QyJ0qpUxh_QX4EerK5Opnyy1sirgN-KE3yMagzTZtEZ0zy5rMa7EC5T5Iuc3B7XD-cgS26QHvZRfbI-ZauIpjvV41jR8t6QlIVoaxHNzkUixocrHTcDq06PTSMNBiCr4bnnSl9jOpyQ-dIPoINM0-oo099ECLOFCdfcYkiB_aLVvTOXnvhpT9I4eWVfMLvQVmFdPJjybW-WErdfTOet2xnYC06yhsFRf_bqeqnCd7MsQiZWdYOeoW2NAAhfnL-8VPNLw9W3TbK4fZq2JH8Aq9hq3XU9_VbK3WuW6q0kwFiWFhXSAQDLSJ5sgQFdJOnyeQhCQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240108%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-1548903334937961%26fa%3D4%26ifi%3D4%26uci%3Da!4%26btvi%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fofficiallysp.net&random=9640565029339&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Wed, 10 Jan 2024 11:20:38 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2 200 / Show response
adv.office-partner.de/ Frame 5C5C 930 B
922 B 37ms
9ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=c8e49737d4&subid=&uid=89dac85929e66397&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgdE2gX2eZcPsApjO_tMPmN-F8Aym5b2gae2NnKfJD_AuEAEgkLfUQmCVgoCAoAfIAQmpAkqBKeZfXLI-qAMByAObBKoE9AFP0AZa3OzPSA1U1LkHrw7J4eLGvY3ZqL2d6v36vHIYJIdIqeJlecGQ9lhpMQxQ73n2Z6om2GQnyqwKPjwm6AFdM_RSK9x3f6Ub3mc3L9l6yGG1P8nSAevlQbyk7TLmmU0S-h0c-VDnWAfXL8ObVb31FzwOwxkHVWPLp2u36U1HbX4MzsYmtzHRbhCWmpiNHIam7W7yNra4GLZ_Vd5aHZ990v9uWsQDJAtNEPSCaCq2AYNGIf26WLawvfwq2ilZYW0wv4J445cGPS5rivvrUoNQuEnxD2DeSsoaGHiQAfrm5jDyXD36OgvWbA8M39DSYyweFn4fwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLnJpPTZ0oMDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ%26sig%3DAOD64_14RiN9QBpisNYXaQzGokRDWImJBQ%26client%3Dca-pub-1548903334937961%26dbm_c%3DAKAmf-DeywdOyoB6zDCgz95qHOh6uSGxXP1HgIzPp30U80tPN4LS8i6h1B5ZYDJeBMSSj9MQ3zlI4-3pxYUKM5H6GfqtmZp7DZqeNGr82y3KVvX9ofSw0QV92YHDK4tky8Ao2kdChYEBhnzhVsmYeJ9Y0Jcwws4DfvKR0iEkEyX7Fr9egFT5PBvMI-ulN0svkCbax9OOoEIs-B8HYHxn7_pQ9-ZYI4fn9w%26cry%3D1%26dbm_d%3DAKAmf-BDe1aTCy5d6U9mlG4KABu1hGtj9QIcAzbDsaHeEnrgB6XDgI7Nt5QomeSk288HDhKFfULEpp4g3sIoXebqD7x2IS_FSTm6vB6pZKn1kdkj4yrsu25XNwBS6Dxx_f-RLB4cnfcGjuvux-UlI0MTxcZE6t_gviT27fFfyRHS1PJp_B45VEkUpFJyXz_nKt6DDHkUsk7JGRo1MNFRzjd4r9jbgEySUB9CNbZhNzznMJRbXA0gbvvtn-ivZ0IX_1g8MxRmkKVCZucCd6ccIlamqk66O2QyJ0qpUxh_QX4EerK5Opnyy1sirgN-KE3yMagzTZtEZ0zy5rMa7EC5T5Iuc3B7XD-cgS26QHvZRfbI-ZauIpjvV41jR8t6QlIVoaxHNzkUixocrHTcDq06PTSMNBiCr4bnnSl9jOpyQ-dIPoINM0-oo099ECLOFCdfcYkiB_aLVvTOXnvhpT9I4eWVfMLvQVmFdPJjybW-WErdfTOet2xnYC06yhsFRf_bqeqnCd7MsQiZWdYOeoW2NAAhfnL-8VPNLw9W3TbK4fZq2JH8Aq9hq3XU9_VbK3WuW6q0kwFiWFhXSAQDLSJ5sgQFdJOnyeQhCQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240108%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-1548903334937961%26fa%3D4%26ifi%3D4%26uci%3Da!4%26btvi%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fofficiallysp.net&random=9640565029339&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Wed, 10 Jan 2024 11:20:34 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Wed, 17 Jan 2024 11:20:34 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 7085 0
326 B 3393ms
37ms Script
application/javascript 91.121.248.44

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=11902600070464804444552012565022&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=c8e49737d4&subid=&uid=89dac85929e66397&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgdE2gX2eZcPsApjO_tMPmN-F8Aym5b2gae2NnKfJD_AuEAEgkLfUQmCVgoCAoAfIAQmpAkqBKeZfXLI-qAMByAObBKoE9AFP0AZa3OzPSA1U1LkHrw7J4eLGvY3ZqL2d6v36vHIYJIdIqeJlecGQ9lhpMQxQ73n2Z6om2GQnyqwKPjwm6AFdM_RSK9x3f6Ub3mc3L9l6yGG1P8nSAevlQbyk7TLmmU0S-h0c-VDnWAfXL8ObVb31FzwOwxkHVWPLp2u36U1HbX4MzsYmtzHRbhCWmpiNHIam7W7yNra4GLZ_Vd5aHZ990v9uWsQDJAtNEPSCaCq2AYNGIf26WLawvfwq2ilZYW0wv4J445cGPS5rivvrUoNQuEnxD2DeSsoaGHiQAfrm5jDyXD36OgvWbA8M39DSYyweFn4fwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLnJpPTZ0oMDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ%26sig%3DAOD64_14RiN9QBpisNYXaQzGokRDWImJBQ%26client%3Dca-pub-1548903334937961%26dbm_c%3DAKAmf-DeywdOyoB6zDCgz95qHOh6uSGxXP1HgIzPp30U80tPN4LS8i6h1B5ZYDJeBMSSj9MQ3zlI4-3pxYUKM5H6GfqtmZp7DZqeNGr82y3KVvX9ofSw0QV92YHDK4tky8Ao2kdChYEBhnzhVsmYeJ9Y0Jcwws4DfvKR0iEkEyX7Fr9egFT5PBvMI-ulN0svkCbax9OOoEIs-B8HYHxn7_pQ9-ZYI4fn9w%26cry%3D1%26dbm_d%3DAKAmf-BDe1aTCy5d6U9mlG4KABu1hGtj9QIcAzbDsaHeEnrgB6XDgI7Nt5QomeSk288HDhKFfULEpp4g3sIoXebqD7x2IS_FSTm6vB6pZKn1kdkj4yrsu25XNwBS6Dxx_f-RLB4cnfcGjuvux-UlI0MTxcZE6t_gviT27fFfyRHS1PJp_B45VEkUpFJyXz_nKt6DDHkUsk7JGRo1MNFRzjd4r9jbgEySUB9CNbZhNzznMJRbXA0gbvvtn-ivZ0IX_1g8MxRmkKVCZucCd6ccIlamqk66O2QyJ0qpUxh_QX4EerK5Opnyy1sirgN-KE3yMagzTZtEZ0zy5rMa7EC5T5Iuc3B7XD-cgS26QHvZRfbI-ZauIpjvV41jR8t6QlIVoaxHNzkUixocrHTcDq06PTSMNBiCr4bnnSl9jOpyQ-dIPoINM0-oo099ECLOFCdfcYkiB_aLVvTOXnvhpT9I4eWVfMLvQVmFdPJjybW-WErdfTOet2xnYC06yhsFRf_bqeqnCd7MsQiZWdYOeoW2NAAhfnL-8VPNLw9W3TbK4fZq2JH8Aq9hq3XU9_VbK3WuW6q0kwFiWFhXSAQDLSJ5sgQFdJOnyeQhCQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240108%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-1548903334937961%26fa%3D4%26ifi%3D4%26uci%3Da!4%26btvi%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fofficiallysp.net&random=9640565029339&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:38 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 7085 43 B
360 B 3398ms
41ms Image
image/gif 91.121.248.44

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=11902600070464804444552012565022&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=c8e49737d4&subid=&uid=89dac85929e66397&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgdE2gX2eZcPsApjO_tMPmN-F8Aym5b2gae2NnKfJD_AuEAEgkLfUQmCVgoCAoAfIAQmpAkqBKeZfXLI-qAMByAObBKoE9AFP0AZa3OzPSA1U1LkHrw7J4eLGvY3ZqL2d6v36vHIYJIdIqeJlecGQ9lhpMQxQ73n2Z6om2GQnyqwKPjwm6AFdM_RSK9x3f6Ub3mc3L9l6yGG1P8nSAevlQbyk7TLmmU0S-h0c-VDnWAfXL8ObVb31FzwOwxkHVWPLp2u36U1HbX4MzsYmtzHRbhCWmpiNHIam7W7yNra4GLZ_Vd5aHZ990v9uWsQDJAtNEPSCaCq2AYNGIf26WLawvfwq2ilZYW0wv4J445cGPS5rivvrUoNQuEnxD2DeSsoaGHiQAfrm5jDyXD36OgvWbA8M39DSYyweFn4fwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLnJpPTZ0oMDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ%26sig%3DAOD64_14RiN9QBpisNYXaQzGokRDWImJBQ%26client%3Dca-pub-1548903334937961%26dbm_c%3DAKAmf-DeywdOyoB6zDCgz95qHOh6uSGxXP1HgIzPp30U80tPN4LS8i6h1B5ZYDJeBMSSj9MQ3zlI4-3pxYUKM5H6GfqtmZp7DZqeNGr82y3KVvX9ofSw0QV92YHDK4tky8Ao2kdChYEBhnzhVsmYeJ9Y0Jcwws4DfvKR0iEkEyX7Fr9egFT5PBvMI-ulN0svkCbax9OOoEIs-B8HYHxn7_pQ9-ZYI4fn9w%26cry%3D1%26dbm_d%3DAKAmf-BDe1aTCy5d6U9mlG4KABu1hGtj9QIcAzbDsaHeEnrgB6XDgI7Nt5QomeSk288HDhKFfULEpp4g3sIoXebqD7x2IS_FSTm6vB6pZKn1kdkj4yrsu25XNwBS6Dxx_f-RLB4cnfcGjuvux-UlI0MTxcZE6t_gviT27fFfyRHS1PJp_B45VEkUpFJyXz_nKt6DDHkUsk7JGRo1MNFRzjd4r9jbgEySUB9CNbZhNzznMJRbXA0gbvvtn-ivZ0IX_1g8MxRmkKVCZucCd6ccIlamqk66O2QyJ0qpUxh_QX4EerK5Opnyy1sirgN-KE3yMagzTZtEZ0zy5rMa7EC5T5Iuc3B7XD-cgS26QHvZRfbI-ZauIpjvV41jR8t6QlIVoaxHNzkUixocrHTcDq06PTSMNBiCr4bnnSl9jOpyQ-dIPoINM0-oo099ECLOFCdfcYkiB_aLVvTOXnvhpT9I4eWVfMLvQVmFdPJjybW-WErdfTOet2xnYC06yhsFRf_bqeqnCd7MsQiZWdYOeoW2NAAhfnL-8VPNLw9W3TbK4fZq2JH8Aq9hq3XU9_VbK3WuW6q0kwFiWFhXSAQDLSJ5sgQFdJOnyeQhCQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240108%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-1548903334937961%26fa%3D4%26ifi%3D4%26uci%3Da!4%26btvi%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fofficiallysp.net&random=9640565029339&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:38 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 7085 43 B
705 B 159ms
116ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=11902600070464804444552012565022&pv=1

Requested by

Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=etoqsikfebn1&nw=20&renderingType=javascript&namespace=c8e49737d4&subid=&uid=89dac85929e66397&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCgdE2gX2eZcPsApjO_tMPmN-F8Aym5b2gae2NnKfJD_AuEAEgkLfUQmCVgoCAoAfIAQmpAkqBKeZfXLI-qAMByAObBKoE9AFP0AZa3OzPSA1U1LkHrw7J4eLGvY3ZqL2d6v36vHIYJIdIqeJlecGQ9lhpMQxQ73n2Z6om2GQnyqwKPjwm6AFdM_RSK9x3f6Ub3mc3L9l6yGG1P8nSAevlQbyk7TLmmU0S-h0c-VDnWAfXL8ObVb31FzwOwxkHVWPLp2u36U1HbX4MzsYmtzHRbhCWmpiNHIam7W7yNra4GLZ_Vd5aHZ990v9uWsQDJAtNEPSCaCq2AYNGIf26WLawvfwq2ilZYW0wv4J445cGPS5rivvrUoNQuEnxD2DeSsoaGHiQAfrm5jDyXD36OgvWbA8M39DSYyweFn4fwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLnJpPTZ0oMDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ%26sig%3DAOD64_14RiN9QBpisNYXaQzGokRDWImJBQ%26client%3Dca-pub-1548903334937961%26dbm_c%3DAKAmf-DeywdOyoB6zDCgz95qHOh6uSGxXP1HgIzPp30U80tPN4LS8i6h1B5ZYDJeBMSSj9MQ3zlI4-3pxYUKM5H6GfqtmZp7DZqeNGr82y3KVvX9ofSw0QV92YHDK4tky8Ao2kdChYEBhnzhVsmYeJ9Y0Jcwws4DfvKR0iEkEyX7Fr9egFT5PBvMI-ulN0svkCbax9OOoEIs-B8HYHxn7_pQ9-ZYI4fn9w%26cry%3D1%26dbm_d%3DAKAmf-BDe1aTCy5d6U9mlG4KABu1hGtj9QIcAzbDsaHeEnrgB6XDgI7Nt5QomeSk288HDhKFfULEpp4g3sIoXebqD7x2IS_FSTm6vB6pZKn1kdkj4yrsu25XNwBS6Dxx_f-RLB4cnfcGjuvux-UlI0MTxcZE6t_gviT27fFfyRHS1PJp_B45VEkUpFJyXz_nKt6DDHkUsk7JGRo1MNFRzjd4r9jbgEySUB9CNbZhNzznMJRbXA0gbvvtn-ivZ0IX_1g8MxRmkKVCZucCd6ccIlamqk66O2QyJ0qpUxh_QX4EerK5Opnyy1sirgN-KE3yMagzTZtEZ0zy5rMa7EC5T5Iuc3B7XD-cgS26QHvZRfbI-ZauIpjvV41jR8t6QlIVoaxHNzkUixocrHTcDq06PTSMNBiCr4bnnSl9jOpyQ-dIPoINM0-oo099ECLOFCdfcYkiB_aLVvTOXnvhpT9I4eWVfMLvQVmFdPJjybW-WErdfTOet2xnYC06yhsFRf_bqeqnCd7MsQiZWdYOeoW2NAAhfnL-8VPNLw9W3TbK4fZq2JH8Aq9hq3XU9_VbK3WuW6q0kwFiWFhXSAQDLSJ5sgQFdJOnyeQhCQ%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240108%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-1548903334937961%26fa%3D4%26ifi%3D4%26uci%3Da!4%26btvi%3D2&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fofficiallysp.net&random=9640565029339&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 11:20:34 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4A32 43 B
215 B 510ms
175ms Image
image/gif 2600:1f13:800:7780:2a52:f7b8:c3aa:b2c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1898970&asId=bf2eb816-013e-0e04-cb26-77aa954d19ca&tv=%7Bc:TDaM2,pingTime:-2,time:182,type:a,im:%7Bsf:0,pci:%7Btdr:46%7D,pom:1,prf:%7BbeA:550,beZ:551,mfA:662,cmA:664,inA:664,inZ:667,prA:667,prZ:672,si:677,poA:678,poZ:691,cmZ:691,mfZ:691,loA:707,loZ:710,ltA:731,ltZ:731,mdA:551,mdZ:600%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:127%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:182,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:126,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B66~0%5D,as:%5B66~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0Xsnpi+11%7C12%7C1311%7C1411%7C1412%7C1511%7C15121%7C161*.1898970-77442736%7C1611%7C1612%7C1613,idMap:161*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:128,sinceFw:52,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:2a52:f7b8:c3aa:b2c1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:35 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B8E5 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B-DCfgn2eZeSqBoKV7_UP0KOXyAkAAAAAOAHgBAI&bg=!ZmWlZSrNAAaumcC-jpk7ADQBe5WfOPEvfZ7booHaqJDxLK5vAj1qgS6O6chkGhjSXlDoi9E5fcEsfj2PG0VwbhiDCWdxAgAAAK5SAAAAAmgBB5kDE-gxthv1vnllf6XEH9BYv5W7VQ4q1TdmVflBkUum0JtMRue5NdZvs8C1TBCzvkofqmWiwQ-7qxRInFlMUlkOvYq1gaGJNyr36SH9A8iZtOjb4piL1TUC02nkOipdylM9Ntqd3DVJ-VboyVFGdgaEE99JQtnKdSAHKqnMSPv0oreLSHww8R6HObBozqZzZyhfSy0sB58ra37Gbo5Q5GNNDqhPz_gIlGOZfWBTb6h1B21JnWu7r80eNDvtX9JUNybChelzqidoG3ni17O7Edp03Sh30q4AgEV8yCqxmcfg8cGQdbGiH8aOuOqH7-i2tfJU6-trVzf9TfNBZsEN9d3a3zqQJbd4Yapl-cCmTrjHSlbcb6MSLtgP-y1J0SAwugKyl01bIwryuYgEAwXUBzfVqThvirMgoNlg1qzVGdKs3eia5FM2LpyDIMDleCNNWB5kTOSXx6djkTkRIpkRiPex4XGyoS_W90iN85RG8wS8w85nE4Sp8yBaWmPyPBgOOyp2u1MspneYVnZzDpkcnlKDoGtR6QPKSZ1QmVBnSN8Eff77vwy7iNAnC5e9Cj1pZY1d7CaqHmnYsAb3xeIJ3WE3m9YlLGhZwHdQIKbRlz_-XRbWGEioDVosUFeKDaqe8sLGeLMt-HZlwcGWKMe_b0iH6ub9JLAEeG1Tu38Q-s93Yltkmj5MLbCGZ9L3k5oooxAYpvExOMTcR8IgrXKIDqEsAUJ4V1BkzgcAEW-kN2UAio-kzMvFuikQYZ-3HUrl5C__pOfASaHZjrSvvVJzkZbXB4Sg5R97WxGzvMsqGFXzcZ1qDUM5UAKuOCJLwVrvsdDvhiK-efwrS4epSnMvhDuIx1yd3NwIfK1VHa4srajlHz_ZhxLBP05HlJcMBsPWg8Iq3OQNg63NfDTNzQJoiVH7k5jqw5bGMaSb9be8mwHozwTAaaesM0myvx2KwL1tLeYjHv0G4TTIE9ZDmQb9bBfQR6ypE_ytvLIwp1kqJ6xfp20FpdFd2mVqREmsAqEynj0vaTzNNyRg9hj6fLaoybwfcDJAKPA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F40 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BtkfTgn2eZcf1B_HYjuwPwaGnwAMAAAAAOAHgBAI&bg=!CAulC0TNAAZ1R9vHVUc7ADQBe5WfOAYxLOedXsc3dzCdiEpaP_GOEOF5T7KIOUNUbkJs-jIBJKxtIb4mqr6-d1PO4KunAgAAAMVSAAAABGgBBwoAKEe0xGymMuxt2SA6OI_6ZIYeeCyUIBB2XMNjICUP83FVK_KlP1Ei542ZAyA-TWQ6Cr5DAU9nFmnjcRO4iA2jLovEUVGBN3lhU2GyVpZ7OSFvHkNjgYP9eIvboW-yah_rOFP1yn6ezTwov3552F0R6u1HgWBiroqH3gH8xEntxExixF0Ud7ZubGCiqg7kmSOesUl1UfDuWpu1WiqTpnLbUSc5kRX-L8OQCwy_l-zzLYErbMBPgWzqAkxTj5SrtX6sMJsRFKKjWAlE_wOKvv7_riREgPeFQHy5GER5WJJD6Bob3ZzjXF4VE3VxHF4H5aJck2ErROYmQaa6ggn48tlCbw4NRhporo1josULShk6x0djdCtoa7m4wTh_XcOwAU0eeKBqXBlmC2CYy_Ukd39orPGMqH8ZYZUsL4dFsZnoG9LCQYnAM3xGzjN-rBW9cVy4HFHQHInMKJDZEQ9FvDeLe41xNgJnihghjuvyECNwNnzKbnLzMWZSjrgAYOf2CsvEHCWmLHeE8S13Jg_usunQlmns3zW2eQfp_dRaf0tX51cz4y89VxyojfW62NsBiCIbQZ1aP2IixUKnG9F0OqvUYE8_WsF8XmSCNiIVsVEPDCw1cV9vUl-2NBAYA94tfFoDRglOLQ1vE7cVIF56C4LudkmmEmRv29zcZmT1oMsb2N54-4BjYbjfpRaWAVXuX-d8JKYNgVNjVdq6QHF62TD2nQKdNDgNsVkVBfQ9_QM0py5vtRL8l7MOo-1mYWfcNgY1iT0uwq0ol58zEYC1jPXzyscvmY35sFuS0HSoHFPt9Ij5vYiOy40eBwl7vv98zXoLczLi_x_wCnratd8uoIdMKfXLz4Uyp4N2FPebKJG90fYQBDPn1QkIaaoByyml1dK65nH7E1X3R4rMubzfZTQ6yDhyfxZHt3JeneBJjqCAAG2ED3ZP_wZLv-s3Vbp6f4JVL-IynhE_rf92XkXmo-c6shwXM_znQXMW24frzw3IPu0lusC1L-6wGtyH96poomLgXmISxqasufeWKrqqBLtq-SFMrjHVpRYXDkbSBwv8Fl3gXN4iBoyopfigAsO7tKwLklFybZir0bLz10EtfWg83VpgBMPqGMKTVpIQLA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Logo.png
s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/ Frame FDF7 5 KB
5 KB 16ms
16ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/Logo.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70857504e246762877461c8aa20de02df0d734bb0ad14dde07cb0e02cff8fb91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 10:27:41 GMT
date: Tue, 09 Jan 2024 10:27:41 GMT
x-content-type-options: nosniff
age: 89573
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5264
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 09:14:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 preis.png
s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/ Frame FDF7 2 KB
2 KB 19ms
18ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/preis.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be4ec0712dc183908e0a7ee57c2d962b7e521bc740638bb357eedf0cc24efccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 08:58:31 GMT
date: Tue, 09 Jan 2024 08:58:31 GMT
x-content-type-options: nosniff
age: 94923
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2258
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 09:14:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Product.png
s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/ Frame FDF7 5 KB
5 KB 20ms
19ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/Product.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79af0270d47ff83fe1f753870300b4a0fb3a3d88ce4bc184340187ebd5c497f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:00:16 GMT
date: Tue, 09 Jan 2024 09:00:16 GMT
x-content-type-options: nosniff
age: 94818
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5283
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 09:14:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Date.png
s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/ Frame FDF7 914 B
942 B 18ms
17ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/Date.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3039b83f93f42d39138d253991aaa0ed99c7d63ac80aa4ab9b00f25b43b9ec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 08:58:31 GMT
date: Tue, 09 Jan 2024 08:58:31 GMT
x-content-type-options: nosniff
age: 94923
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 914
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 09:14:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 HL.png
s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/ Frame FDF7 1 KB
1 KB 24ms
23ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/HL.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4be0f63f270ac9e5fa60b6e0560cfff6ed5a1ea06a39ffe6c0f28d098baa569f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 08:58:31 GMT
date: Tue, 09 Jan 2024 08:58:31 GMT
x-content-type-options: nosniff
age: 94923
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1464
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 09:14:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Visual.png
s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/ Frame FDF7 5 KB
5 KB 20ms
19ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/Visual.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa9264be58c8ef61d1bd2e36c7ee38974a8c79e198a8859eaee5eca85c996e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:00:16 GMT
date: Tue, 09 Jan 2024 09:00:16 GMT
x-content-type-options: nosniff
age: 94818
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5048
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 09:14:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 BG2.png
s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/ Frame FDF7 9 KB
9 KB 22ms
22ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/BG2.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2bcea3cd95d241d79f71ce3066c3670e8af27fdde3b26e5e21dd5c01a3bacad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11129136929417033734/728x90/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 08:58:31 GMT
date: Tue, 09 Jan 2024 08:58:31 GMT
x-content-type-options: nosniff
age: 94923
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9404
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 09:14:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 79F5 177 KB
63 KB 57ms
22ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

69633635f47a1973f6d69f2fa25da043c9079adebc20f049fe86169e2e0b8724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64527
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Jan 2024 11:20:34 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 5C5C 177 KB
63 KB 65ms
36ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

51368f2b8563e2b7b653f8aa5115223abb353e7e97926a74c4fc8314744bda6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64513
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Jan 2024 11:20:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 79F5 276 KB
91 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

211016d14bd16c8b139814531dbf02d3993f9e66dd6942659269303ce8dd3fec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Jan 2024 11:20:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 5C5C 276 KB
91 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88b7269b1f5eec4dc51c2005d31edfa88092b91722a25a098bf0b369c436706c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93545
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Jan 2024 11:20:34 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4A32 43 B
215 B 203ms
174ms Image
image/gif 2600:1f13:800:7780:2a52:f7b8:c3aa:b2c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1898970&asId=bf2eb816-013e-0e04-cb26-77aa954d19ca&tv=%7Bc:TDaQO,pingTime:-10,time:478,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIxNiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1704885634986%7C%7C75ec3ffe38b36257f3060f5402d68b86%7C%7Cacc8ce73e974315fdfcc4ebb5f3c527d%7C%7C084c003719307b42ae8a540b93e60431%7C%7C72177312053e1faa6fb5a2d513845ca5%7C%7C5521a914e73d2e26c768d1c061c2c4f9%7C%7C54ead068ff79110882b4669d87020679%7C%7Cb5d483f9cabbc4bf3279ccf670054a34%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:2a52:f7b8:c3aa:b2c1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:35 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4A32 42 B
174 B 62ms
61ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYit-KQojw_W9syIPPnrhRIFI9LcgFlDEjDUpds1RSRJtPcVA3W59IY_ayXqxw1OK0cInsWDD-AukWGHw9CepdS7UdrdWUyBnH0d-erQOUq1SgxJTb4EBhot2d2qYnNwpiXDMYrgnic98BeCPPR9dmOf5D&sai=AMfl-YRBGUPq1o2CN419MJROYG-Bu39YcFcNuVOYWC-hJZ6-zrZp-9WzCxcaDh1J82RPgmUFzRr_saGUdBHatssqAML1psLqbgB_hexgjaRc5kYolJKLgKOESzJY6-yXAQkUZxV-w2Z1ZBn6uWR0U7LVGw&sig=Cg0ArKJSzItLBf-b8E2pEAE&cid=CAQSTwAvHhf_FZ7WAzMErvUp4u7ff9eoa7hOB3mTND6ojlT0RFlam3ijYlvP9T-1605wWVCi5GkXSTChui42SkBDtYcflZY0XhgUjvxRtku9lo0YAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=427,922,1000,1000,1000&tos=427,495,78,0,0&v=20240108&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704885633959&rpt=339&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4A32 43 B
215 B 220ms
220ms Image
image/gif 2600:1f13:800:7780:2a52:f7b8:c3aa:b2c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1898970&asId=bf2eb816-013e-0e04-cb26-77aa954d19ca&tv=%7Bc:TDb2b,pingTime:1,time:1183,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:127%7D,%7Bpiv:93,vs:i,r:,t:183%7D,%7Bpiv:100,t:383%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1000,o:183,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:126,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B67~0%5D,as:%5B67~728.90%5D%7D%7D,%7Bsl:i,t:183,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B200~75,801~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:511,fm:u0Xsnpi+11%7C12%7C1311%7C1411%7C1412%7C1511%7C15121%7C161*.1898970-77442736%7C1611%7C1612%7C1613,idMap:161*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:128,sis:205%7D&br=c
Requested by: Host: officiallysp.net
URL: https://officiallysp.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:2a52:f7b8:c3aa:b2c1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:35 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4A32 43 B
215 B 178ms
177ms Image
image/gif 2600:1f13:800:7780:2a52:f7b8:c3aa:b2c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1898970&asId=bf2eb816-013e-0e04-cb26-77aa954d19ca&tv=%7Bc:TDb5q,pingTime:1,time:1384,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:127%7D,%7Bpiv:93,vs:i,r:,t:183%7D,%7Bpiv:100,t:383%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1201,o:183,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:126,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B67~0%5D,as:%5B67~728.90%5D%7D%7D,%7Bsl:i,t:183,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B200~75,1001~100%5D,as:%5B1201~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:511,fm:u0Xsnpi+11%7C12%7C1311%7C1411%7C1412%7C1511%7C15121%7C161*.1898970-77442736%7C1611%7C1612%7C1613,idMap:161*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:128,sis:205%7D&br=c
Requested by: Host: officiallysp.net
URL: https://officiallysp.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:2a52:f7b8:c3aa:b2c1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:35 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A32 0
20 B 60ms
59ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4075968295508&version=m202309260101&ct=76&x=1&cor=10012990520414462000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame BD03 2 KB
2 KB 167ms
85ms Script
text/html 18.132.155.94

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=13895000073631704444552012565028&nw=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.155.94 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash: adde606533856890ffe5b7ddc6e6fa2aee7231ea97517551faea7ba49a86bb7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:38 GMT
last-modified: Wed, 10 Jan 2024 11:20:38 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 10 Jan 2024 11:21:38 GMT

GET
H2

200

activityi;dc_pre=CO_55PbZ0oMDFUoaogMdDpQBHA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4851338163538.3545 Show response
5994599.fls.doubleclick.net/ Frame D3C7
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4851338163538.3545?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_55PbZ0oMDFUoaogMdDpQBHA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4851338163538.3545?

392 B
287 B

143ms
142ms

Document
text/html

142.250.186.70

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_55PbZ0oMDFUoaogMdDpQBHA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4851338163538.3545?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

4d7e5fe1ba23a97bc597181de1e44b543b41e17074f8fa6ec5daa6dc5dc26c2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 11:20:38 GMT
expires: Wed, 10 Jan 2024 11:20:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 11:20:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_55PbZ0oMDFUoaogMdDpQBHA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4851338163538.3545?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900028.redintelligence.net/ Frame D8A6 7 KB
2 KB 53ms
13ms Document
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request_content.php?s=13895000073631704444552012565028&a=b66ab01e
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 2cf167630d99c3625bdc5629ae8f3f17f9ce87b0eccc14ee57e12115c2d52b0c

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2074
Content-Type: text/html; charset=utf-8
Date: Wed, 10 Jan 2024 11:20:38 GMT
Expires: Wed, 10 Jan 2024 11:20:38 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2 200 link.html Show response
track.webgains.com/ Frame 7085 2 KB
2 KB 143ms
103ms Script
text/html 18.132.155.94

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=11902600070464804444552012565022&nw=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.155.94 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash: a767f51c86e4941451791b47128242c83f05dd16dc02b902369e72f18ebe5c27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:38 GMT
last-modified: Wed, 10 Jan 2024 11:20:38 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 10 Jan 2024 11:21:38 GMT

GET
H2

200

activityi;dc_pre=CMr05PbZ0oMDFYwQogMdQ1ELEQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5244337849138.683 Show response
5994599.fls.doubleclick.net/ Frame 0ECD
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5244337849138.683?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMr05PbZ0oMDFYwQogMdQ1ELEQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5244337849138.683?

391 B
324 B

113ms
112ms

Document
text/html

142.250.186.70

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CMr05PbZ0oMDFYwQogMdQ1ELEQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5244337849138.683?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

db114d496f0712cbae0ffbc247fb83414bbcb1deeb959ed1ab312214700b33f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 11:20:38 GMT
expires: Wed, 10 Jan 2024 11:20:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 11:20:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMr05PbZ0oMDFYwQogMdQ1ELEQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5244337849138.683?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900022.redintelligence.net/ Frame 7D4F 7 KB
2 KB 64ms
41ms Document
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/request_content.php?s=11902600070464804444552012565022&a=d1927429
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: b3a3409648d011bc825c197efe950e4e2d1b1b2bec07fbf5e60bbda0a5dab109

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2069
Content-Type: text/html; charset=utf-8
Date: Wed, 10 Jan 2024 11:20:38 GMT
Expires: Wed, 10 Jan 2024 11:20:38 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 css
fonts.googleapis.com/ Frame D8A6 5 KB
682 B 71ms
70ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=13895000073631704444552012565028&a=b66ab01e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 11:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 11:10:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jan 2024 11:20:38 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D8A6 13 KB
13 KB 121ms
51ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=55&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=13895000073631704444552012565028&a=b66ab01e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 Ahnsbeck, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 9c6b6dd86cf1f25926466a3a8c69ba90c3acaa7624e179fcc10b48994a96d689

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 11:20:38 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 13087
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D8A6 13 KB
13 KB 258ms
172ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=55&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=13895000073631704444552012565028&a=b66ab01e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 Ahnsbeck, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 907a746b0f04c42c45255e2a01e66a5cdfbe9e3993a480788d973604d3e6ca7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 11:20:38 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12959
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D8A6 8 KB
9 KB 158ms
51ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=55&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=13895000073631704444552012565028&a=b66ab01e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 Ahnsbeck, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 79e54805b510d5d78b2b041fbc546beabad77cfa0e85d88c3802bfd1a54d9576

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 11:20:38 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 8646
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 7D4F 5 KB
682 B 47ms
46ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=11902600070464804444552012565022&a=d1927429

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 11:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 09:31:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jan 2024 11:20:38 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 7D4F 13 KB
13 KB 131ms
44ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=55&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=11902600070464804444552012565022&a=d1927429
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 Ahnsbeck, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 9c6b6dd86cf1f25926466a3a8c69ba90c3acaa7624e179fcc10b48994a96d689

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 11:20:38 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 13087
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 7D4F 13 KB
13 KB 333ms
43ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=55&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=11902600070464804444552012565022&a=d1927429
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 Ahnsbeck, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 907a746b0f04c42c45255e2a01e66a5cdfbe9e3993a480788d973604d3e6ca7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 11:20:38 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12959
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 7D4F 8 KB
9 KB 1058ms
35ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=55&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=11902600070464804444552012565022&a=d1927429
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 Ahnsbeck, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 79e54805b510d5d78b2b041fbc546beabad77cfa0e85d88c3802bfd1a54d9576

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 11:20:39 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 8646
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal900028.redintelligence.net/ Frame D8A6 0
150 B 159ms
55ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/viewability?s=13895000073631704444552012565028&a=1bb97881&vb=m
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=13895000073631704444552012565028&a=b66ab01e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/request_content.php?s=13895000073631704444552012565028&a=b66ab01e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 11:20:38 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
hal900022.redintelligence.net/ Frame 7D4F 0
150 B 155ms
55ms Script
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/viewability?s=11902600070464804444552012565022&a=11ab60a6&vb=m
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=11902600070464804444552012565022&a=d1927429
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/request_content.php?s=11902600070464804444552012565022&a=d1927429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 11:20:38 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame BD03 54 KB
19 KB 259ms
105ms Script
application/javascript 18.66.147.41

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=13895000073631704444552012565028&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ad467d0d2ceeb88d150d04d88dab155ead3a4e12dd80982ef45ed605842b552

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 06:33:50 GMT
content-encoding: gzip
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
last-modified: Fri, 05 Jan 2024 10:01:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 17209
x-amz-server-side-encryption: AES256
etag: W/"624072fcf9e7c9c12da505b4794801fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: f2utD-9a0J6rQ1E3jiYUG1M0U1IrzFt0ggzLRngV0LiN8XUj7MfGUA==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame BD03 3 KB
3 KB 151ms
54ms Image
image/png 99.86.4.94

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1704885938&Signature=dxtIjkiE032aR8xhxvetry2nx--bQMaLudWjbDq8QP7fJgQo7VHIGIPMji0NxAWBvDioaix9~UxCzsGhd9IUFJKSYokqqnwD6JWAVjBDPxWd6Oux2~YDulPW3CnAYJQ94liEtPDUvgIKv4laahsBMR2iWWCu3JMtHAUxPq-ta21kaPwmXKEqsoBvhDZT6UDCNI254yJRLpMzFOBBTDH1GZ6S28fgRmPlMAf78r~BZ2Q~kwFr6JNzpVb~PIYa5PDwy4JLyAXZPxIDsQXAvPZO5jn1MafMc7Zq3cisZGAcTYSzOCKjQRRF1mzWKRhTedHaVWzkfRyg~TE9AMMBwuc4Fg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.94 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 10 Jan 2024 09:14:44 GMT
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 7554
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: 6fms9l3NjfasrsUjRf6eVcdd_3Z2_N4IQaIFMvXwdkj8RewsEtFhiw==

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 7085 54 KB
19 KB 243ms
106ms Script
application/javascript 18.66.147.41

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=11902600070464804444552012565022&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ad467d0d2ceeb88d150d04d88dab155ead3a4e12dd80982ef45ed605842b552

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 06:33:50 GMT
content-encoding: gzip
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
last-modified: Fri, 05 Jan 2024 10:01:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 17209
x-amz-server-side-encryption: AES256
etag: W/"624072fcf9e7c9c12da505b4794801fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: J2CW3MCRBBbOP5duRolmhpO-gWIu5QXdOb622TZO-6LPKHcsSa6tpg==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame 7085 85 B
436 B 134ms
55ms Image
image/gif 99.86.4.94

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1704885938&Signature=JYoUynIZp-6WfQDU-DmYFHz0j1AE6iiD~PDSHJCCUupI-NHGrPHbapCxYu0Ly0v0RhcD8zwQyBfm1pSS1xE1gONWCQDaa~2SoNLH5cmbnut-nXIA1UYY04FV37u6Q8681kYVHCiUeT4ct8JrI0YY7z6~nI7sE-TmyJsTaJFR4hVoFiEciPSzD6vcrGQxQ5TLsjaylXugApheuisgAFTvyQJ3Mq1TYNQ-Nu4d9ceL2M6wI9lvAUhyid-OQIUzJsksjl8MmFxjIR-WXIK8hICJLfxIJf0LnRPgA9KCPMq6M9GBnH8ayGp~mTlU7Vv5GOacPSseQ-GlhHgVdhVbgSVjqA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.94 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 10 Jan 2024 06:28:28 GMT
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 17531
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: PiiX1zx-znI_dnBq4wdHI6yxedhSPqBjHPF8nwqol0swya9LRTNqxg==

GET
H2 200 dc_pre=CMr05PbZ0oMDFYwQogMdQ1ELEQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5244337849138.683
adservice.google.com/ddm/fls/z/ Frame 0ECD 42 B
401 B 202ms
85ms Image
image/gif 2a00:1450:4001:810::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMr05PbZ0oMDFYwQogMdQ1ELEQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5244337849138.683

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMr05PbZ0oMDFYwQogMdQ1ELEQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5244337849138.683?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CO_55PbZ0oMDFUoaogMdDpQBHA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4851338163538.3545
adservice.google.com/ddm/fls/z/ Frame D3C7 42 B
107 B 138ms
86ms Image
image/gif 2a00:1450:4001:810::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CO_55PbZ0oMDFUoaogMdDpQBHA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4851338163538.3545

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CO_55PbZ0oMDFUoaogMdDpQBHA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4851338163538.3545?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 11:20:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST tracking-event
api.webgains.io/ Frame BD03 0
0

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 95ms
31ms Preflight 13.42.80.79

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.80.79 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 10 Jan 2024 11:20:39 GMT
server: nginx

POST tracking-event
api.webgains.io/ Frame 7085 0
0

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 82ms
30ms Preflight 13.42.80.79

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.80.79 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 10 Jan 2024 11:20:39 GMT
server: nginx

GET
H2 200 navbar.html
officiallysp.net/ 16 KB
2 KB 111ms
111ms XHR
text/html 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://officiallysp.net/navbar.html
Requested by: Host: officiallysp.net
URL: https://officiallysp.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://officiallysp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-fastly-request-id: 4ca9f49c31b1c24c84dc82d632300f2fcd38c731
date: Wed, 10 Jan 2024 11:20:39 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 1919
x-served-by: cache-fra-eddf8230061-FRA
last-modified: Mon, 08 Jan 2024 21:44:31 GMT
server: GitHub.com
x-github-request-id: 9ADC:2E18B3:1C906F5:1CFE42D:659E7D87
x-timer: S1704885639.263650,VS0,VE104
etag: W/"659c6cbf-3e37"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Wed, 10 Jan 2024 11:30:39 GMT

GET
H3 200 sodar
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 66ms
66ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240108&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://officiallysp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12033
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7085 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b26f94b0a3587e33f28017dd70e2ed7a5c6880b8387a8e11fb0d171a0506b79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 7D4F 14 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900022.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:12:00 GMT
x-content-type-options: nosniff
age: 151719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 17:12:00 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 7D4F 15 KB
15 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900022.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:49:48 GMT
x-content-type-options: nosniff
age: 95451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 08:49:48 GMT

GET
H3 200 sodar2.js
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://officiallysp.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:20:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Jan 2024 11:20:39 GMT

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 994C 0
0 15ms
13ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://officiallysp.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 11:13:45 GMT
expires: Thu, 09 Jan 2025 11:13:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET aframe
www.google.com/recaptcha/api2/ Frame 7B39 0
0

GET nucleo-icons.css
demos.creative-tim.com/soft-ui-dashboard/assets/css/ 0
0

GET nucleo-svg.css
demos.creative-tim.com/soft-ui-dashboard/assets/css/ 0
0

GET soft-ui-dashboard.min.css
demos.creative-tim.com/soft-ui-dashboard/assets/css/ 0
0

GET css
fonts.googleapis.com/ 0
0

GET down-arrow-white.svg
demos.creative-tim.com/soft-ui-design-system/assets/img/ 0
0

GET down-arrow.svg
demos.creative-tim.com/soft-ui-design-system/assets/img/ 0
0

GET free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.webgains.io
URL: https://api.webgains.io/tracking-event

Domain: api.webgains.io
URL: https://api.webgains.io/tracking-event

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe

Domain: demos.creative-tim.com
URL: https://demos.creative-tim.com/soft-ui-dashboard/assets/css/nucleo-icons.css

Domain: demos.creative-tim.com
URL: https://demos.creative-tim.com/soft-ui-dashboard/assets/css/nucleo-svg.css

Domain: demos.creative-tim.com
URL: https://demos.creative-tim.com/soft-ui-dashboard/assets/css/soft-ui-dashboard.min.css?v=1.0.2

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Domain: demos.creative-tim.com
URL: https://demos.creative-tim.com/soft-ui-design-system/assets/img/down-arrow-white.svg

Domain: demos.creative-tim.com
URL: https://demos.creative-tim.com/soft-ui-design-system/assets/img/down-arrow.svg

Domain: ka-f.fontawesome.com
URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-21 02:56:21	Name: IDE Value: AHWqTUkn0glcZz6YkFONmvqXbWvG-rMFmjHdenOoM88RUiIV-YWjbdIDFTaU88CF
.officiallysp.net/	1970-01-21 02:56:21	Name: __gads Value: ID=b6056a4dc452e6b5:T=1704885632:RT=1704885632:S=ALNI_MaoFY4DpAN5N2AfUjzj51Ec6dUafA
.officiallysp.net/	1970-01-21 02:56:21	Name: __gpi Value: UID=00000d3f1714545e:T=1704885632:RT=1704885632:S=ALNI_MYx-0vjTj90BWifEJf7yDqPIxPd0g
.casalemedia.com/	1970-01-21 02:20:21	Name: CMID Value: ZZ59glgYbi50pZA5yc067QAA
.casalemedia.com/	1970-01-20 19:44:21	Name: CMPS Value: 3383
.casalemedia.com/	1970-01-20 19:44:21	Name: CMPRO Value: 3383
.adnxs.com/	1970-01-20 19:44:21	Name: uuid2 Value: 8664442215501047596
.adnxs.com/	1970-01-21 03:10:45	Name: XANDR_PANID Value: tETht0EKluZBTJ4UiXuvlSxbh4StJu1QaZBWtpGC2QcLHaJOemVtipIUlp6BQ0UZ7mTUXrnd9TDlPqaLKYW_JVaR2WMUmw-q8BE7hFZ5uF4.
.adnxs.com/	1970-01-20 19:44:21	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HbzrMS%s!@wnfH8K6pQK`!5=E<L5?%K>5=#:wi7Lqw32pcT/3Z>B[o#5%:'nkAhWbQS%nugO%v4VB%np2[R=CW
.doubleclick.net/	1970-01-20 21:53:57	Name: APC Value: AfxxVi46j_OjXKzGjuIAnEbWcd6hv2e9kC01V4osm6bDjYYgId7o9g
.redintelligence.net/	1970-01-20 19:44:21	Name: 8lcfmzhxc8d6_uid Value: 9fdd7fe31b1d99e6
.doubleclick.net/	1970-01-20 18:17:57	Name: ar_debug Value: 1
.bluekai.com/	1970-01-20 21:53:57	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 21:53:57	Name: bkpa Value: KJy20AWvQY9xxBcENnjhHQ55uJLrWiD6AY/k7qXySdA44pikC1WHsh8liP/X2cZEPc0TxiG5EHJpAN7Vo2Zx9ZKSn5P//x9Q4lCDHqY/qwXlFbdP8euCrxaQwiEo
.bluekai.com/	1970-01-20 21:53:57	Name: bku Value: ts6O9/J27ZDhr7Ah
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.awin1.com/	1970-01-20 17:44:50	Name: awpv11601 Value: 113440\|1704885634\|45f3a2c0-afaa-11ee-94b4-2233c304522e
.office-partner.de/	1970-01-21 03:10:45	Name: source Value: {"webgains_webgains":{"timestamp":1704885634878,"clickCookie":false}}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
cdn.track.production.webgains.team
cm.g.doubleclick.net
demos.creative-tim.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
github.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900022.redintelligence.net
hal900028.redintelligence.net
ib.adnxs.com
ka-f.fontawesome.com
kit.fontawesome.com
officiallysp.net
pagead2.googlesyndication.com
pv.medialead.de
raw.githubusercontent.com
s0.2mdn.net
static.adsafeprotected.com
tags.bluekai.com
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
api.webgains.io
demos.creative-tim.com
fonts.googleapis.com
ka-f.fontawesome.com
www.google.com
104.18.36.155
108.128.112.35
13.42.80.79
140.82.121.4
142.250.185.226
142.250.186.162
142.250.186.166
142.250.186.70
144.76.104.53
18.132.155.94
18.66.147.41
23.56.205.163
2600:1f13:800:7780:2a52:f7b8:c3aa:b2c1
2600:9000:223f:8800:8:48e:53c0:93a1
2606:4700:20::681a:c1c
2606:4700:4400::6812:2844
2606:4700:e0::ac40:6a17
2606:50c0:8002::153
2606:50c0:8003::154
2a00:1450:4001:802::2008
2a00:1450:4001:810::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2006
2a0b:4d07:102::1
37.252.172.123
69.192.160.219
88.99.165.19
88.99.219.174
91.121.248.44
99.86.4.94
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1ad467d0d2ceeb88d150d04d88dab155ead3a4e12dd80982ef45ed605842b552
211016d14bd16c8b139814531dbf02d3993f9e66dd6942659269303ce8dd3fec
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2520e71327f061ecaef4c0c743d6ae5bb4c0f1764636e19d78c6acb7bbd7f0c3
27286bd265f042457f1caa96edac56779a857197efc46c74e5fe135b6810476e
2734a62ced47951ed230ed3c383757af80f84b079f8f9e66e5ee7de203d983bc
2addbb0244fd1aa0534d85f78a5cc86c6f96d8f0d756f67cda9f0b4876ebdf98
2cf167630d99c3625bdc5629ae8f3f17f9ce87b0eccc14ee57e12115c2d52b0c
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fbe38e2608353a5f83fa8de24921f2e635491fc388c7b4e512b5eb952c22a05
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
30d3c4b9fc872ab161dbf116471f949cfd1d731ad434aad32d751c542c993a00
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33a96f4d1f03d358709f3f9118ed6640145d54062ad7f6ee768208c4d4111dfc
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be0f63f270ac9e5fa60b6e0560cfff6ed5a1ea06a39ffe6c0f28d098baa569f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d7e5fe1ba23a97bc597181de1e44b543b41e17074f8fa6ec5daa6dc5dc26c2b
51368f2b8563e2b7b653f8aa5115223abb353e7e97926a74c4fc8314744bda6c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58e41ef286e84d66eb28248ab640b9cae88f4399539c0db756542a9c2970afc8
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d44403b8347f326bf8503d5ae994a1b17195d2b093e317cb048aed913f914b9
61ac044e4a4175dce3b7128eb048ed956cf41a2b03e9a86fe78ff5b9fc6715a9
69633635f47a1973f6d69f2fa25da043c9079adebc20f049fe86169e2e0b8724
6dc03394c410b465031aaf12d8d4e3595633c006f79c30956f2c266a52be4dda
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
70857504e246762877461c8aa20de02df0d734bb0ad14dde07cb0e02cff8fb91
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
79af0270d47ff83fe1f753870300b4a0fb3a3d88ce4bc184340187ebd5c497f0
79e54805b510d5d78b2b041fbc546beabad77cfa0e85d88c3802bfd1a54d9576
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7b26f94b0a3587e33f28017dd70e2ed7a5c6880b8387a8e11fb0d171a0506b79
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
865501ad6009d06fcff73d35c0eeeab866525ef8fbc488f926e97658db0a32ae
88b7269b1f5eec4dc51c2005d31edfa88092b91722a25a098bf0b369c436706c
8adb9b85292100b02bcaf8e97b9080e3236a6aad2bb8dc0354bf39e2237ae8aa
907a746b0f04c42c45255e2a01e66a5cdfbe9e3993a480788d973604d3e6ca7c
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
9c6b6dd86cf1f25926466a3a8c69ba90c3acaa7624e179fcc10b48994a96d689
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a767f51c86e4941451791b47128242c83f05dd16dc02b902369e72f18ebe5c27
a7b23b67962956c4e588664f1b1758afb4eda63be983549351204b15035d74b2
aa9264be58c8ef61d1bd2e36c7ee38974a8c79e198a8859eaee5eca85c996e10
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
adde606533856890ffe5b7ddc6e6fa2aee7231ea97517551faea7ba49a86bb7a
af090dc69e0db8bf73cd77fab63abcc02d4eb911df01fff657acbe2ab3371794
af35aa2c0413c213387125cbdb428febe6118224351fc873fabaf6b37665f767
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a3409648d011bc825c197efe950e4e2d1b1b2bec07fbf5e60bbda0a5dab109
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be4ec0712dc183908e0a7ee57c2d962b7e521bc740638bb357eedf0cc24efccf
c32b61de13ae99aea865f36d13ed70fb1bd60adf48498c6c2c582f995b309833
c4232518142d105f2d2d70aed6fecee7d89970e82474606fed7dd2e05e0f74b5
c836957766086ae5306530a240dbbd4a7e16e46581a22df3d8bfa62f29a178fa
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
d2bcea3cd95d241d79f71ce3066c3670e8af27fdde3b26e5e21dd5c01a3bacad
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
db114d496f0712cbae0ffbc247fb83414bbcb1deeb959ed1ab312214700b33f5
db7b1fa96ad618e1616ff9e4efbeeef4f5d153541e9797beeb91fc5fef187ec6
e2175d899494c44e9a141b23816c81532d9f9256fdfadd1268c24f616d98a3ff
e3039b83f93f42d39138d253991aaa0ed99c7d63ac80aa4ab9b00f25b43b9ec0
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52b0500986e2b74b81f4b0bc3ca71f214a8147dbe92e01a21f31b590981ff2e
e672d14899098bea44bae9df998d95db6b26aff6042a596ba7711fc62f51f2eb
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
ffaa6015ee7a544a65e65d67e97be008f81fba1463ecc8eaee17ce8a317e5f88

officiallysp.net Open in urlscan Pro 2606:50c0:8002::153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

174 Requests

85 %HTTPS

49 %IPv6

24 Domains

37 Subdomains

35 IPs

5 Countries

2113 kBTransfer

6027 kBSize

18 Cookies

5 Outgoing links

Page URL History

Redirected requests

174 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

officiallysp.net Open in urlscan Pro
2606:50c0:8002::153 Public Scan

Screenshot
Live screenshot

Full Image

174
Requests

85 %
HTTPS

49 %
IPv6

24
Domains

37
Subdomains

35
IPs

5
Countries

2113 kB
Transfer

6027 kB
Size

18
Cookies

174 HTTP transactions
2 data transactions