Submitted URL: https://static.admin.nhassetsulf3aad9c0b224ce0fom.nierexin.de/
Effective URL: https://krank.de/produktcheck/nierexin/
Submission: On February 15 via api from US — Scanned from US

Summary

This website contacted 24 IPs in 5 countries across 16 domains to perform 106 HTTP transactions. The main IP is 35.204.103.237, located in Groningen, Netherlands and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is krank.de.
TLS certificate: Issued by R3 on February 3rd 2024. Valid for: 3 months.
This is the only time krank.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 62.116.173.69 15456 (INTERNETX-AS)
12 35.204.103.237 396982 (GOOGLE-CL...)
10 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
14 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 5 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2a03:2880:f00... 32934 (FACEBOOK)
4 2606:2800:220... 15133 (EDGECAST)
1 2607:f8b0:400... 15169 (GOOGLE)
2 104.244.42.136 13414 (TWITTER)
1 10 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f10... 32934 (FACEBOOK)
11 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
5 2404:6800:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 172.253.115.155 15169 (GOOGLE)
1 1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 172.253.62.157 15169 (GOOGLE)
2 3 104.18.36.155 13335 (CLOUDFLAR...)
1 1 172.253.122.155 15169 (GOOGLE)
106 24
Apex Domain
Subdomains
Transfer
22 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
tpc.googlesyndication.com — Cisco Umbrella Rank: 158
ade.googlesyndication.com — Cisco Umbrella Rank: 307
350 KB
17 google.com
www.google.com — Cisco Umbrella Rank: 2
cse.google.com — Cisco Umbrella Rank: 3353
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 659
191 KB
14 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 113
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
bid.g.doubleclick.net — Cisco Umbrella Rank: 1015
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 551
cm.g.doubleclick.net — Cisco Umbrella Rank: 278
60 KB
12 krank.de
krank.de
690 KB
10 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 4212
35 KB
7 gstatic.com
csi.gstatic.com
fonts.gstatic.com
32 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1221
syndication.twitter.com — Cisco Umbrella Rank: 1517
148 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48
imasdk.googleapis.com — Cisco Umbrella Rank: 476
137 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
21 KB
3 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 696
2 KB
3 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1326
r4---sn-q4fl6n66.c.2mdn.net — Cisco Umbrella Rank: 133651
949 B
3 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 1042
138 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
32 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 191
90 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 52
177 KB
1 nierexin.de
static.admin.nhassetsulf3aad9c0b224ce0fom.nierexin.de
155 B
106 16
Domain Requested by
14 pagead2.googlesyndication.com krank.de
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
12 krank.de krank.de
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
10 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
10 static.addtoany.com krank.de
static.addtoany.com
7 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
imasdk.googleapis.com
5 csi.gstatic.com imasdk.googleapis.com
5 www.google.com 1 redirects www.google.com
tpc.googlesyndication.com
4 platform.twitter.com static.addtoany.com
platform.twitter.com
4 www.google-analytics.com krank.de
www.google-analytics.com
www.googletagmanager.com
3 dsum-sec.casalemedia.com 2 redirects
3 imasdk.googleapis.com googleads.g.doubleclick.net
3 static.xx.fbcdn.net www.facebook.com
2 r4---sn-q4fl6n66.c.2mdn.net
2 fonts.gstatic.com fonts.googleapis.com
2 www.facebook.com connect.facebook.net
2 syndication.twitter.com platform.twitter.com
krank.de
2 connect.facebook.net static.addtoany.com
connect.facebook.net
2 www.googletagmanager.com krank.de
www.google-analytics.com
1 cm.g.doubleclick.net 1 redirects
1 googleads4.g.doubleclick.net
1 ade.googlesyndication.com
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 fonts.googleapis.com googleads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 cse.google.com krank.de
1 static.admin.nhassetsulf3aad9c0b224ce0fom.nierexin.de 1 redirects
106 28

This site contains links to these domains. Also see Links.

Domain
www.nierexin.de
bit.ly
www.facebook.com
twitter.com
www.pinterest.com
www.instagram.com
www.addtoany.com
Subject Issuer Validity Valid
krank.de
R3
2024-02-03 -
2024-05-03
3 months crt.sh
static.addtoany.com
E1
2023-12-27 -
2024-03-26
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-11-25 -
2024-02-23
3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-28 -
2024-07-26
a year crt.sh
syndication.twitter.com
R3
2023-12-06 -
2024-03-05
3 months crt.sh
www.google.com
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
*.google.com
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
*.c.docs.google.com
GTS CA 1C3
2024-01-16 -
2024-03-26
2 months crt.sh

This page contains 15 frames:

Primary Page: https://krank.de/produktcheck/nierexin/
Frame ID: 56E0AC507D27BB9E99E0D460D2504275
Requests: 55 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: 2EC6FFC4343DD4475DF28DC4DE14D734
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fkrank.de
Frame ID: 40DE6026A0801F9B9E6285A85C4B75C8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&adk=1812271804&adf=3025194257&lmt=1708036897&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&pra=7&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708036896880&bpp=3&bdt=1014&idt=241&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3988413416326&frm=20&pv=2&ga_vid=1833592369.1708036897&ga_sid=1708036897&ga_hid=264240961&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081107%2C31081141%2C31081186%2C44795922%2C44809004%2C95322748%2C95324580%2C95325068%2C31081134%2C95322195%2C95324155%2C95324161&oid=2&pvsid=4379613268922677&tmod=1571125535&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=272
Frame ID: A0F0144B02CC9D84DAADF5464D1E6EB6
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: DF0B337422EB30993EE2B60E688C892A
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v17.0/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb671d447ea32fc1b%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff8f98aba43ce0847b%26relation%3Dparent.parent&container_width=82&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90
Frame ID: EBECE1FA640593F6E31F2F05047216EE
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7176323234405639&output=html&h=280&adk=1738339010&adf=2497329281&pi=t.aa~a.3479421391~i.8~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1708036898&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708036897906&bpp=2&bdt=2040&idt=-M&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3988413416326&frm=20&pv=1&ga_vid=1833592369.1708036897&ga_sid=1708036897&ga_hid=264240961&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1958&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081107%2C31081141%2C31081186%2C44795922%2C44809004%2C95322748%2C95324580%2C95325068%2C31081134%2C95322195%2C95324155%2C95324161&oid=2&pvsid=4379613268922677&tmod=1571125535&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=165
Frame ID: 308CF271A36DAE084C6581E291FB756C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7176323234405639&output=html&h=280&adk=1738339010&adf=2569360964&pi=t.aa~a.3479421391~i.13~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1708036898&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708036897906&bpp=1&bdt=2040&idt=-M&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=3&correlator=3988413416326&frm=20&pv=1&ga_vid=1833592369.1708036897&ga_sid=1708036897&ga_hid=264240961&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081107%2C31081141%2C31081186%2C44795922%2C44809004%2C95322748%2C95324580%2C95325068%2C31081134%2C95322195%2C95324155%2C95324161&oid=2&pvsid=4379613268922677&tmod=1571125535&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=238
Frame ID: 8D62269DF5B3689375D09FDCAA85EDF0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7176323234405639&output=html&h=280&adk=1738339010&adf=3345664795&pi=t.aa~a.3479421391~i.15~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1708036898&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708036897906&bpp=1&bdt=2040&idt=-M&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=3988413416326&frm=20&pv=1&ga_vid=1833592369.1708036897&ga_sid=1708036897&ga_hid=264240961&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3240&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081107%2C31081141%2C31081186%2C44795922%2C44809004%2C95322748%2C95324580%2C95325068%2C31081134%2C95322195%2C95324155%2C95324161&oid=2&pvsid=4379613268922677&tmod=1571125535&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=243
Frame ID: 8B744EBC9C9B5E417237AAD96137AF2C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7176323234405639&output=html&h=280&adk=1738339010&adf=2600070758&pi=t.aa~a.3479421391~i.33~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1708036898&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708036897906&bpp=1&bdt=2040&idt=-M&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280%2C1140x280&nras=5&correlator=3988413416326&frm=20&pv=1&ga_vid=1833592369.1708036897&ga_sid=1708036897&ga_hid=264240961&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=4799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081107%2C31081141%2C31081186%2C44795922%2C44809004%2C95322748%2C95324580%2C95325068%2C31081134%2C95322195%2C95324155%2C95324161&oid=2&pvsid=4379613268922677&tmod=1571125535&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=248
Frame ID: F7D6504EDBA22331C08B632971DC795D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 12A7F1246E02BECF3A55B27EB9F0971D
Requests: 29 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D7BC5B818459C5B3C229C1EDB00D63E7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7D2D348B4BB14ED87E3646165CCF056B
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v17.0/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15f73809b848b4a6%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff8f98aba43ce0847b%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90
Frame ID: 898B7EC26F99FFB5E92EE698820CD760
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 13E7D9E9BEF772796DC6054F783E56EA
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Nierexin Produktcheck - Bewertung - Produkt im Test » Krank.de

Page URL History Show full URLs

  1. https://static.admin.nhassetsulf3aad9c0b224ce0fom.nierexin.de/ HTTP 307
    https://krank.de/produktcheck/nierexin/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

106
Requests

96 %
HTTPS

73 %
IPv6

16
Domains

28
Subdomains

24
IPs

5
Countries

2101 kB
Transfer

11067 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://static.admin.nhassetsulf3aad9c0b224ce0fom.nierexin.de/ HTTP 307
    https://krank.de/produktcheck/nierexin/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei HTTP 301
  • https://cse.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei
Request Chain 80
  • https://gcdn.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/B7FF5CBD00430A1B20E3D7D8AC1E1D5B8C9B36C0.36E638E93EE6C01EF4CB76F65DB1F3786D0B141A/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-q4fl6n66.c.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4C06D1C855CB7537A7466E7EDA4AE47DC1C93138.104EF5DE74E6BAF799582E516B3364A9E4500545/key/cms1/cms_redirect/yes/mh/p_/mip/2001:550:1d05:1::10/mm/42/mn/sn-q4fl6n66/ms/onc/mt/1708036617/mv/m/mvi/4/pl/48/file/file.mp4
Request Chain 101
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CL8BEMmpGBjhj6zzASABMAE&v=APEucNUXrTULK88tm2u50YzsgH5-RP50KZYonZOM_i4kEsxJprVJ_sQ4sKgSN9DBa5pO3gKZqbZznwsEBPBX7kP25XTuGEOIcWvLmP1KKM3BA5CJT0UdzFw HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc6TI9HM784AAFKqAGNsIAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNG0C9B2ruvcb9gQrCaxWk&google_cver=1

106 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
krank.de/produktcheck/nierexin/
Redirect Chain
  • https://static.admin.nhassetsulf3aad9c0b224ce0fom.nierexin.de/
  • https://krank.de/produktcheck/nierexin/
84 KB
22 KB
Document
General
Full URL
https://krank.de/produktcheck/nierexin/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
word1.hyro.ag
Software
nginx /
Resource Hash
2a076b7d7089628be1ecd036b9b49e0faf5a300138c500fad100b6d03494e310
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 15 Feb 2024 22:41:35 GMT
server
nginx
strict-transport-security
max-age=63072000
vary
Accept-Encoding

Redirect headers

content-length
75
content-type
text/html; charset=utf-8
date
Thu, 15 Feb 2024 22:41:34 GMT
location
https://krank.de/produktcheck/nierexin/
x-redirector-id
029030e28f9053d8ace67c987a9e4227443b2ede73eda74f335229f3182ca63c
autoptimize_2b6f76121c1edfca32982892e2a32bd2.css
krank.de/wp-content/cache/autoptimize/css/
2 MB
300 KB
Stylesheet
General
Full URL
https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css
Requested by
Host: krank.de
URL: https://krank.de/produktcheck/nierexin/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
word1.hyro.ag
Software
nginx /
Resource Hash
34c2528db29af28ba40106ece5fa4b7a8f77885600c9d13f5c345f931d7346fa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/produktcheck/nierexin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:35 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Sat, 20 May 2023 09:10:20 GMT
server
nginx
etag
W/"64688e7c-19417c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
ebs_dynamic_css.php
krank.de/wp-content/plugins/easy-bootstrap-shortcodes/styles/
0
274 B
Stylesheet
General
Full URL
https://krank.de/wp-content/plugins/easy-bootstrap-shortcodes/styles/ebs_dynamic_css.php
Requested by
Host: krank.de
URL: https://krank.de/produktcheck/nierexin/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
word1.hyro.ag
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/produktcheck/nierexin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 22:41:35 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
page.js
static.addtoany.com/menu/
3 KB
2 KB
Script
General
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: krank.de
URL: https://krank.de/produktcheck/nierexin/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a3d8c061a2a585985a71d5b1a45c424c5bc79b310c86b4731b5bececf5ea5df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11114
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"257f9651f9cfd949f6dde30f51352116"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61Oh46qRQeKE1XSZgZwbHVrNOeUVWAic5XuaSvHIPRT4r%2BmS9RZ6PHw6d%2BslHi1nulbbL0v%2BizdY4S434b0JOJSvDyVAykpAHMLkSVIJOP%2FjwE1KwkvnmHLMlgVvKwOCvg5N%2BJI1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, stale-while-revalidate=30, public
cf-ray
85610f2b1b6f7420-MIA
js
www.googletagmanager.com/gtag/
275 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QVNJPTS5GE
Requested by
Host: krank.de
URL: https://krank.de/produktcheck/nierexin/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
121e938e1bf737d88f63ab06c7eea1ac42dcf748bee7076624fb35bd0252e45e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93766
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Feb 2024 22:41:36 GMT
krank-logo.gif
krank.de/wp-content/uploads/2017/09/
5 KB
5 KB
Image
General
Full URL
https://krank.de/wp-content/uploads/2017/09/krank-logo.gif
Requested by
Host: krank.de
URL: https://krank.de/produktcheck/nierexin/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
word1.hyro.ag
Software
nginx /
Resource Hash
b738bf74f1670331a09929a243b3e23ad16534d34ae62781d34467fd05545ba4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/produktcheck/nierexin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:35 GMT
strict-transport-security
max-age=63072000
last-modified
Tue, 19 Sep 2017 14:28:58 GMT
server
nginx
etag
"59c129aa-1523"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
5411
expires
Thu, 31 Dec 2037 23:55:55 GMT
penci-holder.png
krank.de/wp-content/themes/soledad-theme/soledad/images/
125 B
332 B
Image
General
Full URL
https://krank.de/wp-content/themes/soledad-theme/soledad/images/penci-holder.png
Requested by
Host: krank.de
URL: https://krank.de/produktcheck/nierexin/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
word1.hyro.ag
Software
nginx /
Resource Hash
5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/produktcheck/nierexin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:35 GMT
strict-transport-security
max-age=63072000
last-modified
Fri, 27 May 2022 19:02:46 GMT
server
nginx
etag
"62912056-7d"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
125
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
151 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: krank.de
URL: https://krank.de/produktcheck/nierexin/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
047043c63214ab371ba64e454267f5c75cee938b7cf50282c88714652d2745f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51545
x-xss-protection
0
server
cafe
etag
16544720189357361442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 15 Feb 2024 22:41:36 GMT
copyscape-seal-blue-120x100.png
krank.de/wp-content/uploads/2017/02/
4 KB
4 KB
Image
General
Full URL
https://krank.de/wp-content/uploads/2017/02/copyscape-seal-blue-120x100.png
Requested by
Host: krank.de
URL: https://krank.de/produktcheck/nierexin/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
word1.hyro.ag
Software
nginx /
Resource Hash
d73a2da9645c4a8b90bc9e0b7540e05ee374ea8d0db34369fa79f5593b19df77
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/produktcheck/nierexin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security
max-age=63072000
last-modified
Sun, 26 Feb 2017 20:32:54 GMT
server
nginx
etag
"58b33b76-101a"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
4122
expires
Thu, 31 Dec 2037 23:55:55 GMT
autoptimize_8b2e4f5d7e47c6afe7e19f9bc8860dcb.js
krank.de/wp-content/cache/autoptimize/js/
370 KB
121 KB
Script
General
Full URL
https://krank.de/wp-content/cache/autoptimize/js/autoptimize_8b2e4f5d7e47c6afe7e19f9bc8860dcb.js
Requested by
Host: krank.de
URL: https://krank.de/produktcheck/nierexin/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
word1.hyro.ag
Software
nginx /
Resource Hash
a83788811cd52eb54fe35da0ba0c1c034c692f1e745d08e31edc75448ed727b1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/produktcheck/nierexin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security
max-age=63072000
content-encoding
gzip
last-modified
Fri, 20 Jan 2023 15:24:24 GMT
server
nginx
etag
W/"63cab228-5c795"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: krank.de
URL: https://krank.de/produktcheck/nierexin/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 21:00:24 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6072
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 15 Feb 2024 23:00:24 GMT
fontawesome-webfont.woff2
krank.de/wp-content/themes/soledad-theme/soledad/fonts/
75 KB
76 KB
Font
General
Full URL
https://krank.de/wp-content/themes/soledad-theme/soledad/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: krank.de
URL: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
word1.hyro.ag
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css
Origin
https://krank.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security
max-age=63072000
last-modified
Fri, 27 May 2022 19:02:46 GMT
server
nginx
etag
"62912056-12d68"
content-type
application/octet-stream
cache-control
max-age=315360000
accept-ranges
bytes
content-length
77160
expires
Thu, 31 Dec 2037 23:55:55 GMT
penciicon.ttf
krank.de/wp-content/themes/soledad-theme/soledad/fonts/
33 KB
33 KB
Font
General
Full URL
https://krank.de/wp-content/themes/soledad-theme/soledad/fonts/penciicon.ttf
Requested by
Host: krank.de
URL: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
word1.hyro.ag
Software
nginx /
Resource Hash
0c6ba4901cfb68b03ca9a97ce1d7cbb688d6802c60819dd7cea0522aca8a0576
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css
Origin
https://krank.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security
max-age=63072000
last-modified
Fri, 27 May 2022 19:02:46 GMT
server
nginx
etag
"62912056-8370"
content-type
application/octet-stream
cache-control
max-age=315360000
accept-ranges
bytes
content-length
33648
expires
Thu, 31 Dec 2037 23:55:55 GMT
momizat.ttf
krank.de/wp-content/plugins/krank/fonts/icons/momizat/
102 KB
102 KB
Font
General
Full URL
https://krank.de/wp-content/plugins/krank/fonts/icons/momizat/momizat.ttf
Requested by
Host: krank.de
URL: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
word1.hyro.ag
Software
nginx /
Resource Hash
2bc5b6d2e8459d438a3ba116d12e11c71fa1c2deac8191dce05d5a40d125529f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css
Origin
https://krank.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security
max-age=63072000
last-modified
Wed, 11 Oct 2017 09:40:31 GMT
server
nginx
etag
"59dde70f-19748"
content-type
application/octet-stream
cache-control
max-age=315360000
accept-ranges
bytes
content-length
104264
expires
Thu, 31 Dec 2037 23:55:55 GMT
glyphicons-halflings-regular.woff2
krank.de/wp-content/plugins/krank/fonts/glyphicons/fonts/
18 KB
18 KB
Font
General
Full URL
https://krank.de/wp-content/plugins/krank/fonts/glyphicons/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: krank.de
URL: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
word1.hyro.ag
Software
nginx /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css
Origin
https://krank.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security
max-age=63072000
last-modified
Wed, 11 Oct 2017 09:40:40 GMT
server
nginx
etag
"59dde718-466c"
content-type
application/octet-stream
cache-control
max-age=315360000
accept-ranges
bytes
content-length
18028
expires
Thu, 31 Dec 2037 23:55:55 GMT
move-3605073_640-300x196.jpg
krank.de/wp-content/uploads/2020/06/
8 KB
8 KB
Image
General
Full URL
https://krank.de/wp-content/uploads/2020/06/move-3605073_640-300x196.jpg
Requested by
Host: krank.de
URL: https://krank.de/produktcheck/nierexin/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
word1.hyro.ag
Software
nginx /
Resource Hash
5db39a62ee9abcc30a30b63fcf2915e123217f6d2ff2a6a668198635386d61b3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/produktcheck/nierexin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security
max-age=63072000
last-modified
Thu, 04 Jun 2020 03:43:00 GMT
server
nginx
etag
"5ed86dc4-1f3e"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
7998
expires
Thu, 31 Dec 2037 23:55:55 GMT
sm.25.html
static.addtoany.com/menu/ Frame 2EC6
716 B
743 B
Document
General
Full URL
https://static.addtoany.com/menu/sm.25.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://krank.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
age
9993
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
85610f2c5dbb7420-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 15 Feb 2024 22:41:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNPmod7E3XJlqGN4nQ7%2BOZxqF10ezDuTaf6ywUW%2B7MplWLBH%2BQLe81cR2fKYEMjfVCPBtbMWwcZnzsPjTywQ2D8M7UCngHAcl6dduCqUS2xPmmH%2BtxQz%2B%2FzDvPyLmmFigu7jh3x4"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
core.Ep5bSEmr.js
static.addtoany.com/menu/modules/
70 KB
26 KB
Script
General
Full URL
https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
219b652de3176257072749c876811cc963494f5fbdee3f92eb38e7392f724ce0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://krank.de/
Origin
https://krank.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10973
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"a995aaed2cd978eb5749462d1dc3635e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jZAqz4WAoB0JKUkIHLmkp4vAiJZgsmozAy0%2B1odrkezxuo%2BvBcfszJAGcVTMHmGhMn2PKe9RpoRRPEW2gQlJtir2KjkY%2FrIwW0lobTteOpI2fA1WJrcMzCfoycbKlxX1Lh%2FveSKJGCpVcRMLJ40rmLT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
cf-ray
85610f2c0fc44982-MIA
cse.js
cse.google.com/cse/
Redirect Chain
  • https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei
  • https://cse.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei
9 KB
4 KB
Script
General
Full URL
https://cse.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei
Requested by
Host: krank.de
URL: https://krank.de/produktcheck/nierexin/
Protocol
H2
Server
2607:f8b0:4004:c1f::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
198d6d513b26128ddbb294a9ff929fa1e8b297e00feb0929204558ed56cb6015
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-jT0Ps9FFDmCNTFzSobUxtA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-jT0Ps9FFDmCNTFzSobUxtA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding
br
date
Thu, 15 Feb 2024 22:41:36 GMT
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/javascript; charset=UTF-8
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=

Redirect headers

date
Thu, 15 Feb 2024 22:22:24 GMT
x-content-type-options
nosniff
server
sffe
age
1152
content-type
text/html; charset=UTF-8
location
https://cse.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
267
x-xss-protection
0
expires
Thu, 15 Feb 2024 22:52:24 GMT
facebook.js
static.addtoany.com/menu/svg/icons/
430 B
869 B
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/facebook.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee1397f4da0e0c981a979bc1ea43be1d0c28bf3619636df8ab9dc09fa770aaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Origin
https://krank.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24799
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"3c6ccaafe275b5b477d0400b5847bbce"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBUeKc3uZaTzdjPCM7EeTlVseM7DbZTY2Of9t96GtWU7oTtX2LSWwdwR0XH%2BwLYsl0BRaXfJS5CzqdqvSTHdiMYXMVafvC%2BWCWuWlgcuDRG%2B6ID%2BNsB7MXU%2Fm7JPuykWbUgzGA4Q3RrCUWA6yQJOeie9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7776000, stale-while-revalidate=30, public
cf-ray
85610f2c6d2cd9b1-MIA
twitter.js
static.addtoany.com/menu/svg/icons/
695 B
942 B
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/twitter.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Origin
https://krank.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24799
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"31edccd311957616d32bbcad27fcf679"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmjK9kvc5Lje7r7FHcinH5c55tayGcPjhGJh%2FyqbaXzF%2F0qyWfKkLKGCyKKJNq2QqKC6GX6dY0298DrVME%2B0cAqQizQbKzxfEzS%2Fpy2lWqxUdMzN0x5TkgKBty7PNI6PfZGFI1cQ9UTjIPBnPP3LADBn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7776000, stale-while-revalidate=30, public
cf-ray
85610f2c6d30d9b1-MIA
pinterest.js
static.addtoany.com/menu/svg/icons/
901 B
1 KB
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/pinterest.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab86f686b2e5133d5a05b7a94d1294ad711858e6aef9a931118ab1d8f1e2600d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Origin
https://krank.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24799
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"573fae6e51435ee7155601d053377d81"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrbUQ%2BsPtiIcSf9JEx%2F6UzrLPZrAMMGsjyhH0TO8v6kfk3jafteJRDm12O1ozZyBbWTozXUnz7WPtd4%2BhypP9CBeCd6DHSkak0OpZooI1X1VNrpfTsY3kJGWYyZ7cMw4lo9iWMcqL4y7fvlTHFfX3pEj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7776000, stale-while-revalidate=30, public
cf-ray
85610f2c6d32d9b1-MIA
whatsapp.js
static.addtoany.com/menu/svg/icons/
1 KB
1 KB
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/whatsapp.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
390bb80c8ec894a3669df1522e5f88b9f1c2a7dc7b2a6aa39ea8a6401b1aea80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Origin
https://krank.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24799
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"6a035bb94747645017c1cfe9f5801857"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HYFFV78Mb9TEcYMBQe%2BvuS4YOkBcONTqGrqk48gf7tb%2BGEe4WDCwRIp1y1iBFZQ%2FsSP9gFEF7vPwAzdQgxqUYFkFrY%2BYLuc87P5lP6rwE5kfQcPB8Pmexh7hpWZ1i9hMLgmYeBNusbetFjLNN02ytXQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7776000, stale-while-revalidate=30, public
cf-ray
85610f2c6d35d9b1-MIA
facebook_messenger.js
static.addtoany.com/menu/svg/icons/
378 B
808 B
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/facebook_messenger.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705ddd320c7afe5895ed0bb7438874918110baaaec1ad4b7da72bd13de82f96d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Origin
https://krank.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24799
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"a7acd011eeba6d8c34c891c7c795d4e3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDc0M6gmIylJVGovYHO7oYX3TYuchiQFFvlh1iBeQikRgtcI7HTxoTMRG5xYxSNRYJmLnhhpKjSuHSx%2Bk8GWHoMgHvqlUs7vmpL04cLsKKkB%2Ft43raW7BegpSRsGxrQBx%2FJoUKBJObgiWMc4KzLV%2FXwB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7776000, stale-while-revalidate=30, public
cf-ray
85610f2c6d38d9b1-MIA
wordpress.js
static.addtoany.com/menu/svg/icons/
1 KB
1 KB
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/wordpress.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c9e7e961c8ae48bc5c643637c1ca200f7b3752fb57419eec5cb51c78564aab3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Origin
https://krank.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24799
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"fed705ff9e8985758014dc0e4aca605e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90kED2AszxEn08qvuWDM19kpE3WUUN61Rc963jb%2BIm5CEzlcyR3MN8acne6pmkC17Q65iyXW30LwhC3J%2FYbqCWAZnAA4lxrW%2F16C18lVhEmATAu2zqHd1rluopxa4h1%2BZ1Xq3d0SgAEnRn%2FJbjFQtyhb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7776000, stale-while-revalidate=30, public
cf-ray
85610f2c6d3ad9b1-MIA
email.js
static.addtoany.com/menu/svg/icons/
427 B
836 B
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons/email.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b199ed28ba39e8d3bdc0d2860b8f710808796f2c7272406178010428f509d397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Origin
https://krank.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24799
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"48a669f03d3a3ea93ea22be8f12d6cc2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHMHYqnoExKVBVyPSWtFdO6mYaDo3swGkiluGyrjzIELWqlFFG%2Fz26NH7gHbWd7tUU%2BXuBYKzu6leU2dO%2F15ltjtrdqhbCDOecPK3UFM3PgwMx9T2ixKP6S5Sk5chuyESiJlWnypkErxejJ8xJndeEU1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7776000, stale-while-revalidate=30, public
cf-ray
85610f2c6d3bd9b1-MIA
sdk.js
connect.facebook.net/en_US/
3 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7168087d5f93da952708be1bc84670514ddd73087ddd4241d7aa06be86a2f57f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 22:41:36 GMT
content-md5
H/a4RzXLliOl0IyrekdFfw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug
UsCPg8tm/4tgo+gy2E1YaxPWYLY4e2o7z7ggKgPymdvmyg+Uf3S0VOG8VcZDrvC8zVQO6zIQWJQm8+VB+WJqVw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
f174ce81319829583c7e2049491bb9ea
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"bb908bdc4c2b38cf9aa01aa2fd6e3863"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Thu, 15 Feb 2024 22:54:32 GMT
widgets.js
platform.twitter.com/
91 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mic/9B14) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 22:41:36 GMT
Content-Encoding
gzip
Age
765
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (mic/9B14)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
collect
www.google-analytics.com/j/
16 B
217 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=264240961&t=pageview&_s=1&dl=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&ul=en-us&de=UTF-8&dt=Nierexin%20Produktcheck%20-%20Bewertung%20-%20Produkt%20im%20Test%20%C2%BB%20Krank.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1004007409&gjid=2116736660&cid=1833592369.1708036897&tid=UA-75122288-1&_gid=1112546001.1708036897&_r=1&_slc=1&z=1964720126
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9858aba970f31a0ffac37a23df86b15aac549d4ad87adc33a3d11becc8325e67
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://krank.de/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 22:41:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://krank.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 40DE
319 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fkrank.de
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mic/9B22) /
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://krank.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
5721613
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Feb 2024 22:41:36 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (mic/9B22)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
sdk.js
connect.facebook.net/en_US/
303 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=e61d46fcac7243be47cf35120a653e5c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
56b586b9980faa3895fedc82d3f7946549046f48ab48b532d2b84d9b90a1a684
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://krank.de/
Origin
https://krank.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 22:41:36 GMT
content-md5
2R+10TH7kug6Y0SLjBb8rw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88665
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug
zynwPuADeTlh7Z7zcrpJFIDBJ8qywev7MGWO7eM/qfpIhxNRDNM0s1zdsvHKaI8Qovv+vAI9BX9trxXtwaak0w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
acfb8e54867a3da028bb6512a318df19
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"8ead30e2e0d395644e0a939b78c45df0"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Fri, 14 Feb 2025 21:55:54 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/
406 KB
138 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a955b5d86b03b44b4bec0819234fb3ce63a54e0d92b10a7bb2e24b2d30e54369
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140975
x-xss-protection
0
server
cafe
etag
7609416772702165368
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 22:41:36 GMT
collect
stats.g.doubleclick.net/j/
1 B
341 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-75122288-1&cid=1833592369.1708036897&jid=1004007409&gjid=2116736660&_gid=1112546001.1708036897&_u=IEBAAEAAAAAAACAAI~&z=1229220633
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://krank.de/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 15 Feb 2024 22:41:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://krank.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
241 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N88Q73T6W9&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e4934d2c387e78bd8b8f0a1cce67a472358d26d301153e0dd31358601900f46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86677
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Feb 2024 22:41:36 GMT
settings
syndication.twitter.com/ Frame 40DE
870 B
657 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=4669b172ed50b98c32dc2390e04648fba95cbe79
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fkrank.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-response-time
6
date
Thu, 15 Feb 2024 22:41:36 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Thu, 15 Feb 2024 22:41:37 GMT
server
tsa_b
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
299432ce0b1c6d42
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7469935968
x-connection-hash
19fcccb1e4558bc81ed95047cd0a1ab869118cd5f9e0faf975287299043e3b40
content-length
338
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-QVNJPTS5GE&gtm=45je42c0v9100727719za200&_p=1708036896448&gcd=13l3l3l3l1&npa=0&dma=0&cid=1833592369.1708036897&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708036896&sct=1&seg=0&dl=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&dt=Nierexin%20Produktcheck%20-%20Bewertung%20-%20Produkt%20im%20Test%20%C2%BB%20Krank.de&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3049
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QVNJPTS5GE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 22:41:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://krank.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cse_element__de.js
www.google.com/cse/static/element/8435450f13508ca1/
318 KB
106 KB
Script
General
Full URL
https://www.google.com/cse/static/element/8435450f13508ca1/cse_element__de.js?usqp=CAI%3D
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6f357810e9cd8f0aeca7b0cd526dc72d9230dce6958843f80bf104f940b5626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108420
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 16:43:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
private, max-age=31536000
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 15 Feb 2024 22:41:37 GMT
default+de.css
www.google.com/cse/static/element/8435450f13508ca1/
41 KB
9 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/element/8435450f13508ca1/default+de.css
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9068
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 16:43:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
private, max-age=31536000
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 15 Feb 2024 22:41:37 GMT
default.css
www.google.com/cse/static/style/look/v4/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:23:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1096
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Thu, 15 Feb 2024 23:13:21 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-N88Q73T6W9&gtm=45je42c0v9135301576za200&_p=1708036896448&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=1600x1200&cid=1833592369.1708036897&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&dt=Nierexin%20Produktcheck%20-%20Bewertung%20-%20Produkt%20im%20Test%20%C2%BB%20Krank.de&sid=1708036897&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3121
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N88Q73T6W9&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 22:41:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://krank.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
button.856debeac157d9669cf51e73a08fbc93.js
platform.twitter.com/js/
8 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mic/9B14) /
Resource Hash
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 22:41:37 GMT
Content-Encoding
gzip
Age
5721611
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2620
Last-Modified
Mon, 11 Dec 2023 17:19:47 GMT
Server
ECS (mic/9B14)
Etag
"fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
ads
googleads.g.doubleclick.net/pagead/ Frame A0F0
123 KB
34 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&adk=1812271804&adf=3025194257&lmt=1708036897&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&pra=7&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708036896880&bpp=3&bdt=1014&idt=241&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3988413416326&frm=20&pv=2&ga_vid=1833592369.1708036897&ga_sid=1708036897&ga_hid=264240961&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081107%2C31081141%2C31081186%2C44795922%2C44809004%2C95322748%2C95324580%2C95325068%2C31081134%2C95322195%2C95324155%2C95324161&oid=2&pvsid=4379613268922677&tmod=1571125535&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=272
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aebd49f91e8e9671577086d10e958616b663034fa0b277fa7b4bd55f9babac14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krank.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
34339
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 22:41:37 GMT
expires
Thu, 15 Feb 2024 22:41:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame DF0B
33 KB
13 KB
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mic/9B14) /
Resource Hash
320f88c7a9672864d92d9369cde081ba7c6e9a27cd0592755b011be432373882

Request headers

Referer
https://krank.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
5721600
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
12332
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Feb 2024 22:41:37 GMT
Etag
"e29e65db7bf0a096587728e1faacfd9c+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:48 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (mic/9B14)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/
43 B
100 B
Image
General
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22Krank_de%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1708036897177%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=4669b172ed50b98c32dc2390e04648fba95cbe79
Requested by
Host: krank.de
URL: https://krank.de/produktcheck/nierexin/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-response-time
6
date
Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security
max-age=631138519
last-modified
Thu, 15 Feb 2024 22:41:37 GMT
server
tsa_b
vary
Origin
content-type
image/gif
x-transaction-id
ab63c9e8930df9a9
cache-control
must-revalidate, max-age=600
perf
7469935968
x-connection-hash
19fcccb1e4558bc81ed95047cd0a1ab869118cd5f9e0faf975287299043e3b40
content-length
43
truncated
/ Frame DF0B
471 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
844208d3f740c48ca14df4373b0d232cb9e81f3934b53114833ca717b03a90f5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/svg+xml
like.php
www.facebook.com/v17.0/plugins/ Frame EBEC
47 KB
17 KB
Document
General
Full URL
https://www.facebook.com/v17.0/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb671d447ea32fc1b%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff8f98aba43ce0847b%26relation%3Dparent.parent&container_width=82&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e61d46fcac7243be47cf35120a653e5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a666d63d10ea6ad17137008823c317df39dcfd146fc439c55eb3f75a26efc498
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krank.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 22:41:37 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v17.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
permissions-policy-report-only
clipboard-read=(), clipboard-write=();report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
t7GJ0nBwMH3ikM89pF2pheaUUsSGXSVxhfKNuoq0Jgy3MfG8j+2sKan/uKNkzEc3uwEYS12Lj+rod5GWybCqjQ==
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240213&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f55669014850f629a831ea014cf4994bc2c2d4f183178367880529a82bac9bba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12380
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/
165 KB
56 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/reactive_library_fy2021.js?bust=31081134
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a0c2d19994862c37c9357aee09cea368c983479a6c64600bbaa008581954fe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57031
x-xss-protection
0
server
cafe
etag
18095615535328875221
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 22:41:37 GMT
ca-pub-7176323234405639
fundingchoicesmessages.google.com/i/
182 KB
61 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-7176323234405639?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e4c9b42faf3f0a512726e089d183e41273f3ffe8cbed79a8d804a5ebaa249387
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gvSO2Be9qK2WAHoHyaL0AA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-gvSO2Be9qK2WAHoHyaL0AA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjmsOoxSXF4KQhxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99eckk8PUlkwQQawHxO8lXTN-AeIePBwvfuumshuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWECD-nDmD9TcQ-9TPYI0DYiEejoXLdq1jE9iwdeVWZgAJCElA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Feb 2024 22:41:38 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 308C
838 B
729 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7176323234405639&output=html&h=280&adk=1738339010&adf=2497329281&pi=t.aa~a.3479421391~i.8~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1708036898&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708036897906&bpp=2&bdt=2040&idt=-M&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3988413416326&frm=20&pv=1&ga_vid=1833592369.1708036897&ga_sid=1708036897&ga_hid=264240961&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1958&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081107%2C31081141%2C31081186%2C44795922%2C44809004%2C95322748%2C95324580%2C95325068%2C31081134%2C95322195%2C95324155%2C95324161&oid=2&pvsid=4379613268922677&tmod=1571125535&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=165
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58a36c9d2d7facbb5fc14fecad869c20f75c214cfb161d91f35bffdb4a88f642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krank.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
410
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 22:41:38 GMT
expires
Thu, 15 Feb 2024 22:41:38 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8D62
838 B
706 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7176323234405639&output=html&h=280&adk=1738339010&adf=2569360964&pi=t.aa~a.3479421391~i.13~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1708036898&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708036897906&bpp=1&bdt=2040&idt=-M&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=3&correlator=3988413416326&frm=20&pv=1&ga_vid=1833592369.1708036897&ga_sid=1708036897&ga_hid=264240961&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081107%2C31081141%2C31081186%2C44795922%2C44809004%2C95322748%2C95324580%2C95325068%2C31081134%2C95322195%2C95324155%2C95324161&oid=2&pvsid=4379613268922677&tmod=1571125535&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=238
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78dd178ff66f034243ba67028188168437b4bbc86653a8517025d8daa2d70dc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krank.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
408
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 22:41:38 GMT
expires
Thu, 15 Feb 2024 22:41:38 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8B74
838 B
702 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7176323234405639&output=html&h=280&adk=1738339010&adf=3345664795&pi=t.aa~a.3479421391~i.15~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1708036898&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708036897906&bpp=1&bdt=2040&idt=-M&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=3988413416326&frm=20&pv=1&ga_vid=1833592369.1708036897&ga_sid=1708036897&ga_hid=264240961&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3240&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081107%2C31081141%2C31081186%2C44795922%2C44809004%2C95322748%2C95324580%2C95325068%2C31081134%2C95322195%2C95324155%2C95324161&oid=2&pvsid=4379613268922677&tmod=1571125535&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=243
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23e34a4d2e66a171b4174039588c3798f5c2e9b1233824e3771edcde145ea031
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krank.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
405
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 22:41:38 GMT
expires
Thu, 15 Feb 2024 22:41:38 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F7D6
838 B
701 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7176323234405639&output=html&h=280&adk=1738339010&adf=2600070758&pi=t.aa~a.3479421391~i.33~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1708036898&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708036897906&bpp=1&bdt=2040&idt=-M&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280%2C1140x280&nras=5&correlator=3988413416326&frm=20&pv=1&ga_vid=1833592369.1708036897&ga_sid=1708036897&ga_hid=264240961&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=4799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081107%2C31081141%2C31081186%2C44795922%2C44809004%2C95322748%2C95324580%2C95325068%2C31081134%2C95322195%2C95324155%2C95324161&oid=2&pvsid=4379613268922677&tmod=1571125535&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=248
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c50bb71f20a61203de11a648c2bc3cbd123fe7b801f8d3efd217fbb33f093ba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krank.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
404
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 22:41:38 GMT
expires
Thu, 15 Feb 2024 22:41:38 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/ Frame 12A7
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4d94af534c700b4cc663a664528a8578fb4f73f09df71d98f331f70ae8f101b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krank.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
60644
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4202
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 05:50:54 GMT
etag
16527497774665505917
expires
Thu, 29 Feb 2024 05:50:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxWbaf7XkrC-eIoq74islRrZvn_zPTtlK-oVkj8xh7N_qghZ4N280BZITZvUtzY0s2NXCK1NUCxvjMoQmBSa8P2hTvR4XbNc9DqtBsjpn0W0rIhWp_iLg-izounohddxCCLct3gpog==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWbaf7XkrC-eIoq74islRrZvn_zPTtlK-oVkj8xh7N_qghZ4N280BZITZvUtzY0s2NXCK1NUCxvjMoQmBSa8P2hTvR4XbNc9DqtBsjpn0W0rIhWp_iLg-izounohddxCCLct3gpog==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MDM2ODk4LDIwODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9rcmFuay5kZS9wcm9kdWt0Y2hlY2svbmllcmV4aW4vIixudWxsLFtbOCwib0hRQjlPZTdDVTQiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
806275f26f49e72e115496ca209ecd55906979acfb873d56c08e70bb682764cd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oJSQUNiv5YxEXSry-RmSSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-oJSQUNiv5YxEXSry-RmSSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KohxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIW6ORct2rWMT-NF8rgoAllZEMA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame EBEC
299 B
1 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v17.0/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb671d447ea32fc1b%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff8f98aba43ce0847b%26relation%3Dparent.parent&container_width=82&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date
Thu, 15 Feb 2024 22:41:38 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
299
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
tsTVlxtxMP7mpczSbxY8fVeB8tL+KaBE+QSHUkp128tW+6vvgxkarHHypjgVSEPfa1x8sjdX7MdtSORF0sjs9Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin
*
expires
Fri, 07 Feb 2025 14:14:51 GMT
Q56gP7IVe8z.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yE/l/en_US/ Frame EBEC
0
0

runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D7BC
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krank.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
35335
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 12:52:43 GMT
expires
Fri, 14 Feb 2025 12:52:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7D2D
829 B
559 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
af4c84fcb96d6c5196962f37e21219803c78f91731087f13a748fab505f4b4dc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-p4h9y1ov0le97ESG78cz4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://krank.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-p4h9y1ov0le97ESG78cz4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 22:41:38 GMT
expires
Thu, 15 Feb 2024 22:41:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
like.php
www.facebook.com/v17.0/plugins/ Frame 898B
47 KB
15 KB
Document
General
Full URL
https://www.facebook.com/v17.0/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15f73809b848b4a6%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff8f98aba43ce0847b%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e61d46fcac7243be47cf35120a653e5c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
470582e3235b6e021cabed1a37d07d36d75434e909a973f47dfbcc6195e12bc8
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://krank.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 22:41:38 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v17.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
permissions-policy-report-only
clipboard-read=(), clipboard-write=();report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
AinqUIPtMU5e/SACXTZneWoPbLkvIuPaLByx6aEr/SV2ktufDeCiew7QfS51eOBbDEPcZMAZf+o2YwU+M2n5gg==
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/ Frame 12A7
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 04:47:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
64470
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8991
x-xss-protection
0
server
cafe
etag
11525033739721728465
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Feb 2024 04:47:08 GMT
css
fonts.googleapis.com/ Frame 12A7
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Feb 2024 22:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 15 Feb 2024 22:23:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Feb 2024 22:41:38 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/ Frame 12A7
15 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59697
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2939
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 11:56:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Feb 2025 06:06:41 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/ Frame 12A7
379 KB
132 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58c7b6bffabba04d72d8077b9efcfb4f7a6478b9e66c5b07a3a32e3cda3b1877
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 05:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60990
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134674
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 11:56:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Feb 2025 05:45:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame 12A7
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 05:02:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
63544
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8220
x-xss-protection
0
server
cafe
etag
16176141338659805634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Feb 2024 05:02:34 GMT
AGSKWxW-WfaDLibCrAMDawOGCM9G94b5gsnGLIAdQ5wB8_-dge60_acIpAXc6J-BADPGB51IiLN62DCNEIdm2nZHXLUB7h3oTKaOxKPFOrWWCojWzhlZYRYn2ahO2t_SVkwvaD7QBJ06mw==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW-WfaDLibCrAMDawOGCM9G94b5gsnGLIAdQ5wB8_-dge60_acIpAXc6J-BADPGB51IiLN62DCNEIdm2nZHXLUB7h3oTKaOxKPFOrWWCojWzhlZYRYn2ahO2t_SVkwvaD7QBJ06mw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MDM2ODk4LDQxMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8va3JhbmsuZGUvcHJvZHVrdGNoZWNrL25pZXJleGluLyIsbnVsbCxbWzgsIm9IUUI5T2U3Q1U0Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3be9af8a0c1068b25ad658c1f76f9250c6f06e258eef5ef812988f3713d4a270
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-u5ffEPMDSu-ZWrVxhCfeHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:38 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-u5ffEPMDSu-ZWrVxhCfeHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsOoxSXFEKwhxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99eckk8PUlkwQQawHxO8lXTN-AeIePBwvfuumshuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWECD-nDmD9TcQ-9TPYI0DYiEejkXLdq1jE5hx7vkdRgAVC0m2"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7D2D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240213&jk=4379613268922677&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
pagead2.googlesyndication.com/bg/ Frame D7BC
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 20:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
9447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15261
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Feb 2025 20:04:11 GMT
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 898B
299 B
447 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v17.0/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15f73809b848b4a6%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff8f98aba43ce0847b%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date
Thu, 15 Feb 2024 22:41:38 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
299
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
tsTVlxtxMP7mpczSbxY8fVeB8tL+KaBE+QSHUkp128tW+6vvgxkarHHypjgVSEPfa1x8sjdX7MdtSORF0sjs9Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin
*
expires
Fri, 07 Feb 2025 14:14:51 GMT
Q56gP7IVe8z.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yE/l/en_US/ Frame 898B
529 KB
137 KB
XHR
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yE/l/en_US/Q56gP7IVe8z.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v17.0/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15f73809b848b4a6%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff8f98aba43ce0847b%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d62261bfdda45a21496d6c16731123a2105033b3537dc5415c0923d8e6584c6c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date
Thu, 15 Feb 2024 22:41:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
BdrMebHhKtkkzVQkhc52fw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
139896
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
XBBV+joEWq65q0pCBbaqgoMoJoYTEAO+Jl0oPH1BHq4psCO4qYo1GzyqkmonAd3t+yBDyx4JMSplTRnFavtixg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), clipboard-read=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=1,i
expires
Fri, 14 Feb 2025 00:02:11 GMT
generate_204
tpc.googlesyndication.com/ Frame D7BC
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?619vNg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
csi
csi.gstatic.com/ Frame 12A7
0
234 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lsnt2hta&c=4263963147547&slotId=2131981573773.5&qqid=CNyMnqS1roQDFW4RdgYdsAYHuA&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:80d::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 22:41:39 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 12A7
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 03:01:05 GMT
x-content-type-options
nosniff
age
70833
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Feb 2025 03:01:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 12A7
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:53:49 GMT
x-content-type-options
nosniff
age
71269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Feb 2025 02:53:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 12A7
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CRKnWIZPOZZz4FO6i2OMPsI2cwAvG7ozbc4r43begEvAuEAEg4v30BWDJhoCA3KPEEMgBBagDAcgDmwSqBJsCT9AfJjHXW9tWzFKXmKV_8MMWwlm0U-O-Ciy_qeaRNr7ZikmVCkglSzxEMAABHTl80BJrxXS5PUDz6qGqtTsYdo2QzG1RSfJHt8NANLtYIN1PUJOVhrGcA49QzwRKrPJ29wYVUHuETn7wpoLM4Xo_cc1wkQPSJfOXFe7wyyXMSCvKtYilpfKC9MDUFYrrm4Vxstf1eOO43dU90A5ufD5nVW1Umof4A-z1EEIc9C1kX3ffmjm05U4khoYmK1ZqljK3wZ8J9-TCmO4QFGBla55_ayC46I5PrBi4g0eT0QTaORlv8CMYeQ0UyaFCN5SrIC-9YXs1YJhUhJPjvs8dsPWlOm2s01qMznST_bJLNbY1bikzr3wBQbC-q7JaYcAEsuDYsKUE4AQDiAWEjIyRTJAGAaAGToAHvr74N6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgKAISL39wTpYysCbpLWuhAOACgGYCwHICwGADAGqDQJVU7AT2YnHFMgTkoay4wPYEwqIFAjYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1708036898747&ai=CRKnWIZPOZZz4FO6i2OMPsI2cwAvG7ozbc4r43begEvAuEAEg4v30BWDJhoCA3KPEEMgBBagDAcgDmwSqBJsCT9AfJjHXW9tWzFKXmKV_8MMWwlm0U-O-Ciy_qeaRNr7ZikmVCkglSzxEMAABHTl80BJrxXS5PUDz6qGqtTsYdo2QzG1RSfJHt8NANLtYIN1PUJOVhrGcA49QzwRKrPJ29wYVUHuETn7wpoLM4Xo_cc1wkQPSJfOXFe7wyyXMSCvKtYilpfKC9MDUFYrrm4Vxstf1eOO43dU90A5ufD5nVW1Umof4A-z1EEIc9C1kX3ffmjm05U4khoYmK1ZqljK3wZ8J9-TCmO4QFGBla55_ayC46I5PrBi4g0eT0QTaORlv8CMYeQ0UyaFCN5SrIC-9YXs1YJhUhJPjvs8dsPWlOm2s01qMznST_bJLNbY1bikzr3wBQbC-q7JaYcAEsuDYsKUE4AQDiAWEjIyRTJAGAaAGToAHvr74N6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgKAISL39wTpYysCbpLWuhAOACgGYCwHICwGADAGqDQJVU7AT2YnHFMgTkoay4wPYEwqIFAjYFAHQFQH4FgGAFwHoFwU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 22:41:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 12A7
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lsnt2hto&c=4263963147547&slotId=2131981573773.5&qqid=CNyMnqS1roQDFW4RdgYdsAYHuA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.18r&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:80d::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 22:41:39 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 12A7
31 KB
18 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AuJ8iXbsbubcOJWRAbHCLm9PbwGyxDTF2rUBVyMrJsCHUV7ywL1FLSOvnRQvl_ARd5igYQFCWDifKwQqgdGiARpjPNzw&cry=1&dbm_d=AKAmf-DNgRvczeKuPkqnZ1IjNcK55w0v9Qq4_PzUDDAUEMBuoexfg8BBYQJG81wcJ4wmkiWTpeydLV1xQ3kXAC0x3B9yeiBb-WBFjlzA-GNozSiDT-VRJr53cJP0_14dmNAVThgxOJmFb6Ev7HYf6tkHuVING-vHBtNK8SfzUoZSmteSwvyHIpaCYS9H6kIJLjexmkuTQUs5pG08fiETklHRQV4JMhX4JGR3aA1srD11SaYaug5hE-tVitSXxXThA9CjwKiyOR9Jn70sXrT33azjcol_ql2R2eaBVCuODnf1P-CkVZWk3Ra69a2yaOwuhpPJsNs6OLksD0cBLROVHNY5MFCFgbHGChPuBT3HUlq49HIhKXVzcyOsavKKfve7RY6dxKo7-q2PWuiEuc1c80wCq3mqJb94_11cnYM4yDdjLp6Pzo7JhpkNhAxH41f3ZvN_4_1bVTV8e_lXAXbH6Wn3Iw1Jqhuf58QUpiX4OGqWQ5XDeUHQeZZ95Z3nTFGmmayaJ7faRSkA3RIFssH5nbXoCd2dr162A-iNJp6zc_pUuiBkofPUPLDVLBjyJCjNYkXxEotvZ5oS7J15a8yb-rSu--CHUWZnPiQXOfbfvnVZ6DcXvab4EuS1vAJEE9tlfo6TeijxeZWVNwDq37rWfuKzcfXAyinYXOHo2yciivjHOVOaQwF-fperzThHgScW-vh6_pan02l5FymaPK83W2MTo42KaC2zCq6b5HA9QfpCoeFu0Mq0K55UrtVfPUpsrsmso1gpk7JsKYTjEgl6FybnLetAP7UFDEx74riGnxMRQO51Eh3efrGGw-Y1ZfWVVGevAdaVDDuOZr2Ybu_Oh54CbmKRuss5WddFXee3G3Y8cLGwfyBBfz09T0peXEoR52c7I3LNe5FhPxZH-4NKB3JLaWS4yv_xIHFm-kQ6zoXjlYsT2YAKmno-3O7Hhcuv-GZ5X1akjlirAx4FdhlLvUN209lDS7S4ewABtaZXokzsvldh7lOfIIHdV4ygAQ5drOPZ1tQL-zklDfAHP-US42sZOOPIvyYqG-1e5TE6k90YppaA4XnKC91xg2JJaVYt0Ul2ne8vbt2Iqmdbop7Y1P44_wxLVLWxMovs6M4Dl4tuLVnoabU1Elw6TYiN59_BnhKiN2QkrTkJLHg92L6xEhA9Rmb8Jh4AtDpOJMNFK44dqeSYIm0mXupzebw_5aceF33kFUmJrCD7r8xzg2Rt01LTjW6Bj2HJzmyCzT8jImq0v9SNwGlqsL_ekR2gLJSRtgFs-qyOpgn-ZNUsHy2PgnAp8KzkA_IAJ9RVLgY7_WFOnUFl_0QxjOEzFLvopZd-tAADvO9b8rbj8qOC_kMUjQoMh5QwFgD8FBTaMG1Gc7LsgkJe1Sobncsj2kbxpDzxykmjh8cCxMcbjByuF2vdaWROMVIWWsFrPmIe5ki0rVmslEd1uOe8L6-V_2aeqAx17m4JnEYP4wEdg825gAtCyC2DjU2N7ZdPSKFUXXzJaDF67Kobm7LhOILPMsni93-4Uu2L5CrH7ZaOpICZUUIHyuSftP1iwGRhTsfTlFGNFxFub0sY7tPbIEvJ01nxbOKPIvmXqhxWPdvRCygpagA-4FaGu4xSTntDTK7zz7821Vl0eltI4Z8UuKCCUr1PYf8rFfa_mPa1oDyHMKvd4XbDyk6tPthXxqpNatvcaTqb2EIy3NA9Gmlma29hM4LSFTveXSU2dA-V1ZjRbstXvemVNds1_CD4xq_MgzQu4-FEXo_PC1lFLfJMrysmkKbUhY4SdeoOkAFYafSNzFjFc0Ar7UTBlLLFSEpc5fzoegG7Y7PcHsIB77Kj1rUqAj9xIngYSiTWPRB2viCFVHI5X_lFc1YjV6KFB0ukfLV0U932p87-XsnBHZ8lbYyZkhTxM2HgbD71KZjn9HSLYlIckQeAauK3DzKEmUC24g5tkWigGWJ7We0fsZzGaDOOvZV1cut3Gwr9B_IhT7q15wSbvJsyiXU_oJKTwBUO9LdqsyuDYRLajkNfm4P9ro3mgArv339Xo3mU3ElliCoV1qtTiV-xH-ljekTDYB8SsYrOxYQn4-LWVUjQtNZ96QIxmnevGFfo0Q0Ov9xMzTyRjCLG3npm6Ek8XYpuInFrKK_0ONDP-KiHo72Syd9XsitSyHaU5hi8HLgksvIEN4getmoKuy37YHbEqmYAKYIgVIKVZR8ldW10tVMJjeDEPYni89HeU1SzyrbA5Q3Xswyw7Y-He9SweC8J5HXWAHZzw2EPoXPJPUGdXMMRjWbTIYE5eV5VsV_gaMPaYCdBGsgf0APymQG1YG7LjY97xNMMamZcGbyENA7vANtIc9f2uf_wEqxxhR6FEfnlr0HWNSjxUMd2ffm9pEPKfRBzi1fJnZgWuxmZHsazkdiiWZHnNxd4zuc2tAWVmg2x8RqEQ2G2POeFjyP9f6ityWryU5SIOIws5_jwSYbKmGXBaFt7nVraionCf5d1sJxdoxO3kJWkYCWQxJUS50f153Bzh8RMYjGSaTcuHxMR6CVK0UWhteiB5eTsa8nibKDnGnbqboSNZQh-OXmfK7q4ugn-JibOWPADFAzSiQHHOb-KYXKZzd0kMIisaIXoZWK6Y_BIARPZQ1dwFu_6Y28WmTAUsyRmjBGVXQ05N70FWuA-URhybx2erQ96H18ruXuijcjZCVn1IKBCw_T8hX_ACjdXHefCoqYv0jSQZg8V-rjYdVaTRKlBNA60sQYRb2JIFA3c1motHej2vnF8looT3fWbMQRYPRjcZboAqoJ-i-2SRM1smq90YgTM8ZHsH1fTWYuY4i_G3yEnQxc_4LM_lEOg6bVrboORHwRLKSsOnQaLP2S0prX-24wT4_nVOXm6aswsNKzoVH8HgteKBL0wl4LNin2UR56SzRwyz_pkAcVNBJP32mfJY77OarxFWPQC_JvQx2JNrGAb_14RRsOeR7hOnpyXiucvW-JYNnN3t0otIYLIvwIgyeUzJ4ZUeHhZE6SXZWAGt2lHW1C80zo8vHNTvY1GzC62HJokSIoHh7r5SIORyWj8M4lJ28TzZlXFjxElm3A_vP001Bb3K-QUFf3kAqzoyTESiGflYb4tRa-SfroVxBTns1gShJ0hssKxw1uwB9m7uaNkkLpaIv8zdMtu-Y0OKG4Z92BAozMT-syTnnDp-umyW4SSeNjNnDszhjU4fjV4Qj3QH1npExelC6bPhWxrvkB34L-B_pZTmwLxDf76IJmWADXSEaa1xqxHeyVoC86rEifaJDW2QNVYMW2MtWsnM9LohwYRsS7OyOqcN2c8TveTpfew1z7fnHlFCEROwxlLkyBKiec2x--AQSCNGrS7dJ6zHDAUQxiYKCB_cBr2C1IiaakpLMUO7pcIRLyWC3zTKfM6GkjDVKlOPK8EZ2vxmG4v-g9aVpEjfm5CNpBficONdeyqLspEk-cJUT6A9QsyN6cvXnXtnagQuIZStQunU7_7A0cWGqKTqB2MTfP4TfdZhG0a-hnEKJ0IbDbQMWi01_auEDvhYLUAVVu2QuzZN8byJFes6OAG9xUPyOa4y0BeCeBqRbsGcvG3Sgj9htu3oy9pgu6apOXgv31HTt1E81oJnjBB5u5jyQPEgqxzjHZ5MAfvLpDvqF2-WTjTZ7l-5cApBVqGo6ARkwedryU0RXsjXnjMjohGz383CeCfwVVzDL28oqkAEXQaZR5pg_LozdUbGmKIIS-r-JU0JcP98w_3zYUDBMFPfuIc6HUBJczeMy37lwirlnhkWEhM4CvZZDluDZmTqydeKxkG_Vfbv0l_R5pDgWGnrqIQ2zrdAiI&cid=CAQSTgAvHhf_2WlM-7wyjOarPYP6E1gIO13ZqeEIJOqMfPH7mdz6jUOoY2uBgNqI4PDPOjBeWwkHVFMfw-4tWtoFedYpt8kwJ1hrgDHTd_WfSBgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
dcd7fd1982e2105e8c76d8fcd947d802f0a40b0dfa13150c8fb4bd6c4eb3d7e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17686
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 12A7
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47eafc65bbeb7515dcfe85efe45059847fbc09223f7761beab225a28baf52703

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame 12A7
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lsnt2hu8&c=4263963147547&slotId=2131981573773.5&qqid=CNyMnqS1roQDFW4RdgYdsAYHuA&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:80d::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 22:41:39 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 12A7
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 13:11:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34218
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Feb 2025 13:11:21 GMT
file.mp4
r4---sn-q4fl6n66.c.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 12A7
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r4---sn-q4fl6n66.c.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0
Fetch
General
Full URL
https://r4---sn-q4fl6n66.c.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4C06D1C855CB7537A7466E7EDA4AE47DC1C93138.104EF5DE74E6BAF799582E516B3364A9E4500545/key/cms1/cms_redirect/yes/mh/p_/mip/2001:550:1d05:1::10/mm/42/mn/sn-q4fl6n66/ms/onc/mt/1708036617/mv/m/mvi/4/pl/48/file/file.mp4
Protocol
HTTP/1.1
Server
2607:f8b0:4000:7::9 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Thu, 15 Feb 2024 22:41:39 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
7654419
Last-Modified
Tue, 17 Oct 2023 17:05:23 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Thu, 15 Feb 2024 22:41:39 GMT

Redirect headers

date
Thu, 15 Feb 2024 22:41:39 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
649
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r4---sn-q4fl6n66.c.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4C06D1C855CB7537A7466E7EDA4AE47DC1C93138.104EF5DE74E6BAF799582E516B3364A9E4500545/key/cms1/cms_redirect/yes/mh/p_/mip/2001:550:1d05:1::10/mm/42/mn/sn-q4fl6n66/ms/onc/mt/1708036617/mv/m/mvi/4/pl/48/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 12A7
453 B
589 B
Image
General
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-7176323234405639
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:40:26 GMT
x-content-type-options
nosniff
age
73
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Feb 2024 23:30:26 GMT
csi
csi.gstatic.com/ Frame 12A7
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lsnt2i0h&c=4263963147547&slotId=2131981573773.5&qqid=CNyMnqS1roQDFW4RdgYdsAYHuA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1841&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1f8~atrd.1fe~videopreviewvisible.1fh&ua_e=1&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:80d::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 22:41:39 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 13E7
23 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
63537
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 05:02:42 GMT
expires
Fri, 14 Feb 2025 05:02:42 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sponsored_text.
fundingchoicesmessages.google.com/f/AGSKWxX56ztH09yUeKJkKHKzkKDTJqmpLp63QxaQkbxV1tJx0-dfhIOYawrD_178V2lOoHL4YsyAbwpg1RoJpmCsXSUkZAR2m3kkVAsXXVNXbmWnrWRNJjuqchNAUoDz-mciZEm64R-SvZr0QbTLUbhQ_DgeHJ7RF...
54 B
110 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX56ztH09yUeKJkKHKzkKDTJqmpLp63QxaQkbxV1tJx0-dfhIOYawrD_178V2lOoHL4YsyAbwpg1RoJpmCsXSUkZAR2m3kkVAsXXVNXbmWnrWRNJjuqchNAUoDz-mciZEm64R-SvZr0QbTLUbhQ_DgeHJ7RF54ZyNcncXl1GH-gkNV0LdOYv7pM21PB/__rectangle_ads./ads/banner._ad_square./sponsored_text.?ad_tag=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxIwDX0Zeg4sRcTCe5PTSRTRZQU0g/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
da159f4f0f5692cf42518d9d01efbc33de5df8686f23ec1c5cac5ea33d6b2b1a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NK3nrmhUV7V0iLhkt44zGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-NK3nrmhUV7V0iLhkt44zGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsOoxSXF4K0hxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99eckk8PUlkwQQawHxO8lXTN-AeIePBwvfuumshuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWECD-nDmD9TcQ-9TPYI0DYiFujsXLdq1jE1hxo8sPAMUySNw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/
30 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxIwDX0Zeg4sRcTCe5PTSRTRZQU0g/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d351abe30325db105fed7efd6f8a9ee698fd888d13948bb9c8f7b183c59ace78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:01:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
2389
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11396
x-xss-protection
0
server
cafe
etag
9023021008083772581
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 15 Feb 2024 23:01:50 GMT
AGSKWxXcWtAnEAih06UiUe3IW-YAMK7d4COVA0_yfDsgA83NEz1SyUbwi13RkbDnrNCiWKC29MhaIHfUvdMqspMJtCKGZnU1a0zqNDohK4PVkx-4jmECZUXMgAUXDSKRcn_rXKn1339svg==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXcWtAnEAih06UiUe3IW-YAMK7d4COVA0_yfDsgA83NEz1SyUbwi13RkbDnrNCiWKC29MhaIHfUvdMqspMJtCKGZnU1a0zqNDohK4PVkx-4jmECZUXMgAUXDSKRcn_rXKn1339svg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zLhfA2fDRqHwqKuhr_M2yg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://krank.de/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Feb 2024 22:41:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-zLhfA2fDRqHwqKuhr_M2yg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw1ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XAsXrZrHZvAj5ezGhgBAM8YjQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://krank.de
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 12A7
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CJowEIZPOZZz4FO6i2OMPsI2cwAvG7ozbc4r43begEvAuEAEg4v30BWDJhoCA3KPEEMgBBagDAaoEmAJP0B8mMddb21bMUpeYpX_wwxbCWbRT474KLL-p5pE2vtmKSZUKSCVLPEQwAAEdOXzQEmvFdLk9QPPqoaq1Oxh2jZDMbVFJ8ke3w0A0u1gg3U9Qk5WGsZwDj1DPBEqs8nb3BhVQe4ROfvCmgszhej9xzXCRA9Il85cV7vDLJcxIK8q1iKWl8oL0wNQViuubhXGy1_V447jd1T3QDm58PmdVbVSah_gD7PUQQhz0LWRfd9-aObTlTiSGhiYrVmqWMrfBnwn35MKY7hAUYGVrnn9rILjojk-sGOCC9fnZLjoLi8tD91br2QRxRii4c5jYpZua2TZHktCNuvtGZuLaemCoQILL-1VcUmhVNWUZrpPo5X09XfZNnYCPwASy4NiwpQTgBAOIBYSMjJFMkgULCCIQAxgDSIWshwKSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB76--DeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAPIHChCOsxIY4Y-s8wHSCCQIgGEQARgfMgKKAjoJgECAwICAgKAISL39wTpYysCbpLWuhAOACgHICwGwE9mJxxTIE5KGsuMD2BMKiBQI2BQB0BUBgBcBshccChoIABIUcHViLTcxNzYzMjMyMzQ0MDU2MzkYAOgXBQ&sigh=-0ZusWwq9yw&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_2WlM-7wyjOarPYP6E1gIO13ZqeEIJOqMfPH7mdz6jUOoY2uBgNqI4PDPOjBeWwkHVFMfw-4tWtoFedYpt8kwJ1hrgDHTd_WfSBgB&vt=10&cbvp=2&vis=1&nis=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Attribution-Reporting-Eligible
event-source
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 15 Feb 2024 22:41:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
pagead2.googlesyndication.com/bg/ Frame 13E7
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 20:04:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
9448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15261
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Feb 2025 20:04:11 GMT
AGSKWxXcWtAnEAih06UiUe3IW-YAMK7d4COVA0_yfDsgA83NEz1SyUbwi13RkbDnrNCiWKC29MhaIHfUvdMqspMJtCKGZnU1a0zqNDohK4PVkx-4jmECZUXMgAUXDSKRcn_rXKn1339svg==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXcWtAnEAih06UiUe3IW-YAMK7d4COVA0_yfDsgA83NEz1SyUbwi13RkbDnrNCiWKC29MhaIHfUvdMqspMJtCKGZnU1a0zqNDohK4PVkx-4jmECZUXMgAUXDSKRcn_rXKn1339svg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zVMTEq8Ha4gY-iDQxsgKuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://krank.de/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Feb 2024 22:41:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zVMTEq8Ha4gY-iDQxsgKuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBALcXMsXrZrHZvAhU_X6gHpDRir"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://krank.de
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240213&jk=4379613268922677&bg=!tLelt_jNAAZN4L4YbeA7ADQBe5WfOFB9PpmQWsT-hrhcw2wMSqrsF6rN9GCrFLFzZAprUlXFEFIk9-quZhMBjnlhT4ApAgAAAGpSAAAABGgBBwoAeujjmPi7iDEZ9zAOJw2lpFfK44CIoPKIViHGNQamJB-zn8YVWEPkXxeQaDbGwpBBZsIEf3b5tyqXVPqNx9EABSCM5r7fVhelZS_XoLQIySCjklgDrUL1reJDZwMzMAopinOIzJGmgk4nxGqy1Womkzw7t7BVi2_1mDi6mQLCHc4vzls91bDKZQa3Ow2WapxXfiAb8y-lN0TupuYmHsEQQKQQzwVOIFgHSntSbTQrOj4XBYQ4U6vrkzDDof8_-9sfB0TrlyL9UV6uACznuLI5vQ88J5XiZXo_6sqrYDsiJOHuOVMEbS7UUG8baeFMtY-vHEFq-uwEEv7J2xRb-jd-yiNTjw1ttauMDqqIBxNLj7fwJIgSiFH_2e4cOckx1oGuQcl-z6X3nRv_WPiJc2GyPx4yxpmqln45t50_aB2DyfU-qfnvbWlnsr2jFsOZixUPxq0rtpeAdOTI99OTSQIxq7sX5fZlfpHGXFg1i3Z9M_5_hOISEBIENDsLyCiIB_jFx0IGV4eveqXtbevm1_8fkojiq1GzyTnewT8s4_2W4GdxKqIWqJPMfNvZ4PwNvUTThjc30ruW1wFrz5SGfhVR6He_hExQsHbqYFjHKyJB7GypGQhofhwYVBzMPbqc4b2pnw0DuLnUHOqnqPB7WTvcSOzO1ppvhb77VdEqylZ9a6j1o3-6Y_XGNTfMcoRIdOYWL_D_OxrlslEy2IFXJAv0zECCMsV09eU5S7FVx6adcLDpTot3tmQeJHUx9HSOHvZnjW6U0zRfOhpG9Z5ZPODBnPQKV8taG_VD0mj5xgDyrGLtWKmjxFAjE1918LhTCYS3EqnkJcNNG7n6K7JGbvabJz1Cy2FdEVj2a2k9Xq7T749vR-AVB0xsLImvvkSEeFE2YKaOVckGV26JY3KmwJqCl1QJNMiqWh4-1qoNrVWB8YrmUR3pLWQ6cpTfm6pxLB3_M3osSRfTZmjFQW4eSTETRVsjTykRJf8GNclh8GtIMfjHTHKuoXBESXcu8-Rc7p8DMoibb-Rc0GdJUBgBJIJ2K78zgezHT7aeUsAZu0Tzg2Dvb5elgg5qFZosXY8OgNBg9JOi6pQ2D_AVVRitOZ-nQA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

AGSKWxXcWtAnEAih06UiUe3IW-YAMK7d4COVA0_yfDsgA83NEz1SyUbwi13RkbDnrNCiWKC29MhaIHfUvdMqspMJtCKGZnU1a0zqNDohK4PVkx-4jmECZUXMgAUXDSKRcn_rXKn1339svg==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXcWtAnEAih06UiUe3IW-YAMK7d4COVA0_yfDsgA83NEz1SyUbwi13RkbDnrNCiWKC29MhaIHfUvdMqspMJtCKGZnU1a0zqNDohK4PVkx-4jmECZUXMgAUXDSKRcn_rXKn1339svg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RrcNVkMOFyb9NFfvDHZ5ug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://krank.de/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Feb 2024 22:41:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RrcNVkMOFyb9NFfvDHZ5ug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XAsXrZrHZvAjKfLGhgB_ngYMw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://krank.de
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXcWtAnEAih06UiUe3IW-YAMK7d4COVA0_yfDsgA83NEz1SyUbwi13RkbDnrNCiWKC29MhaIHfUvdMqspMJtCKGZnU1a0zqNDohK4PVkx-4jmECZUXMgAUXDSKRcn_rXKn1339svg==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXcWtAnEAih06UiUe3IW-YAMK7d4COVA0_yfDsgA83NEz1SyUbwi13RkbDnrNCiWKC29MhaIHfUvdMqspMJtCKGZnU1a0zqNDohK4PVkx-4jmECZUXMgAUXDSKRcn_rXKn1339svg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RJBUp6GD4DAuXVWA5tCSzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://krank.de/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Feb 2024 22:41:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-RJBUp6GD4DAuXVWA5tCSzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw05BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XAsXrZrHZvAi_lvGhgBAnsYjg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://krank.de
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVWHc7fk9vNWbNdorfreigIX6_4b18HvAUW5MEf6TLbbVR5-3YaiS9g5ufPnZntn_JTF3kM2axkrfLvTXgVWvbpB3gp_Q8JvDTD2i9j2zDaSDiy87s3IU2dWexBP0PfkXhomFllDg==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVWHc7fk9vNWbNdorfreigIX6_4b18HvAUW5MEf6TLbbVR5-3YaiS9g5ufPnZntn_JTF3kM2axkrfLvTXgVWvbpB3gp_Q8JvDTD2i9j2zDaSDiy87s3IU2dWexBP0PfkXhomFllDg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MDM2ODk5LDIwNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9rcmFuay5kZS9wcm9kdWt0Y2hlY2svbmllcmV4aW4vIixudWxsLFtbOCwib0hRQjlPZTdDVTQiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
10c862b5bdfdde6433f46d926d5715cd2cf9578f2bbb248fa7b38b00d142e0ed
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Zcjb6fd3oqLdDYDEDUc1xQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://krank.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:41:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Zcjb6fd3oqLdDYDEDUc1xQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KohxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIW6Oxct2rWMTmHHmYS0AleREMA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXh8xA1ap1wqawUZEh8m28bOq-KABCpy9ZqGUpdZUIuzx9y_PsgUQC37NorDdrYOWXclOrEC-6ktrIrISZH2DE3fdnoevPQ0--ezV0o3cDtIsaWE3Mvss65dLZCHDQmBdb90VdkYQ==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXh8xA1ap1wqawUZEh8m28bOq-KABCpy9ZqGUpdZUIuzx9y_PsgUQC37NorDdrYOWXclOrEC-6ktrIrISZH2DE3fdnoevPQ0--ezV0o3cDtIsaWE3Mvss65dLZCHDQmBdb90VdkYQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5yOXONLXcLf91g24vxQPiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://krank.de/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Feb 2024 22:41:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5yOXONLXcLf91g24vxQPiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XAsXrZrHZvAiqvflzMCAP9NGKk"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://krank.de
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXcWtAnEAih06UiUe3IW-YAMK7d4COVA0_yfDsgA83NEz1SyUbwi13RkbDnrNCiWKC29MhaIHfUvdMqspMJtCKGZnU1a0zqNDohK4PVkx-4jmECZUXMgAUXDSKRcn_rXKn1339svg==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXcWtAnEAih06UiUe3IW-YAMK7d4COVA0_yfDsgA83NEz1SyUbwi13RkbDnrNCiWKC29MhaIHfUvdMqspMJtCKGZnU1a0zqNDohK4PVkx-4jmECZUXMgAUXDSKRcn_rXKn1339svg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xZ_uD0lqpIdQy1k5Tbhyjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://krank.de/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Feb 2024 22:41:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xZ_uD0lqpIdQy1k5Tbhyjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw0ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XAsXrZrHZvAikm7ljMCAABDGDQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://krank.de
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 13E7
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BX4hTIpPOZZH4OJTQnboPiomT8AMAAAAAOAHgBAI&bg=!LC-lL2DNAAZN4L4YbeA7ADQBe5WfOCXub1JtXOS_qaW_EUPESP-79ISmAUgJZFYB1WGxwOHHa87Y_iPNtNP1dI7OsEDLAgAAAH5SAAAAA2gBB5kC4b8IfCWF4rtN-QpeT2vf17wOHnd-0-rDxTOTS2dVlSDmXzmrgG9UTiaJmqz-4D72S84xPihOB75NmPgyMFKO_a1bYp0sK1pH4dFMAAw189zWDQIGa2fkYvMdyeBDbI90sqnaOyISjK6c5lwHElgqhR9cLJvHcifPOZIqipBNBs4oaV_AO3tuOJtH2H3rPqcRm1M4kc8BjLPF3HzEwsdsEFXp2R4pwGCmP-V6n6gIedkitrAX8hy8gGX9M5KyMRZ41heZCtZ5HXX6PSTraVsPcTx9TMDN3YCNb2e_dxJwz2r8Ps6c8BpCd3aD7aBgyPhXBOylY1sbYw7SvFPuHP5WA3njQePQNPUO2FsCXkImZKYX0CnBCmgirQbonyg3m0jae3gyjYpiXJKdsmTLTRIAK4qyYGGf9l6kafDLh6Skw8WjMMJI3KZl5oIpeekirE-PWzu8lRDNDk5SMSSzSkrfpPbzmUaFk36XTH4mSte427pD1OGIqtVOdal8ZIQirpOKpxkA44fRBI8gAp7-aT9JxzYKtsnJnKF1GvVnWxr4iDjEtrzP-BpLmG0FOYLLosMVWbhkY_U0h38QfuoD1XY_-0h5O9vgyZoQtYBrw_5pldZ8yGdHyO-veagjR1d3K5q9GVp9yHAAp6fIMwotZFUVnC7SaXfCw_eCZtWgeoTWDcjLkcgG-2Zjrz__Xk5JqepG25_FFEk8yFz_xoQ7Ee_REIYxx7yikN8WrrpFjEixZR7uyf1eLIGa9ytVMDm_lxZpWMnzX2k3442gGUA10Aitmu85mvhW_OZw-mPnjGbLlEeuPA10fFu0D0NZmxY-j0G01pJsVK7PgoVqVvJVSd__wfYc2Cuo2WjtaZ21ijLjBueqcLKbWxINLtWydRZmkzY099zm48UQrjoACsSAMz5sS76sWL5Th4B8pLiXfRJPfn-dw0oxEA-eMcGvGrGiHX46Lnx2Rf-fEJq-9wyx79dVbR86
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 22:41:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r4---sn-q4fl6n66.c.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 12A7
4 MB
0
Media
General
Full URL
https://r4---sn-q4fl6n66.c.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4C06D1C855CB7537A7466E7EDA4AE47DC1C93138.104EF5DE74E6BAF799582E516B3364A9E4500545/key/cms1/cms_redirect/yes/mh/p_/mip/2001:550:1d05:1::10/mm/42/mn/sn-q4fl6n66/ms/onc/mt/1708036617/mv/m/mvi/4/pl/48/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4000:7::9 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range
bytes=0-

Response headers

expires
Thu, 15 Feb 2024 22:41:39 GMT
date
Thu, 15 Feb 2024 22:41:39 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-7654418/7654419
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
7654419
last-modified
Tue, 17 Oct 2023 17:05:23 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
dc_oe=ChMIkZH_pLWuhAMVFGhHAR2KxAQ-EAAYACCylr1gOhkI_pu9OBCy4NiwpQQYkoay4wMgivjdt6ASQhMI3IyepLWuhAMVbhF2Bh2wBge4;dc_rmcid=CAQSTgAvHhf_2WlM-7wyjOarPYP6E1gIO13ZqeEIJOqMfPH7mdz6jUOoY2uBgNqI4PDPOjBeWwkHV...
ade.googlesyndication.com/ddm/activity/ Frame 12A7
42 B
401 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIkZH_pLWuhAMVFGhHAR2KxAQ-EAAYACCylr1gOhkI_pu9OBCy4NiwpQQYkoay4wMgivjdt6ASQhMI3IyepLWuhAMVbhF2Bh2wBge4;dc_rmcid=CAQSTgAvHhf_2WlM-7wyjOarPYP6E1gIO13ZqeEIJOqMfPH7mdz6jUOoY2uBgNqI4PDPOjBeWwkHVFMfw-4tWtoFedYpt8kwJ1hrgDHTd_WfSBgB;eps=CIBhEAEYHzICigI6CYBAgMCAgICgCEi9_cE6WMrAm6S1roQD;met=1;acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D767937960%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D396969901;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1708036899688;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 22:41:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 12A7
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CRKnWIZPOZZz4FO6i2OMPsI2cwAvG7ozbc4r43begEvAuEAEg4v30BWDJhoCA3KPEEMgBBagDAcgDmwSqBJsCT9AfJjHXW9tWzFKXmKV_8MMWwlm0U-O-Ciy_qeaRNr7ZikmVCkglSzxEMAABHTl80BJrxXS5PUDz6qGqtTsYdo2QzG1RSfJHt8NANLtYIN1PUJOVhrGcA49QzwRKrPJ29wYVUHuETn7wpoLM4Xo_cc1wkQPSJfOXFe7wyyXMSCvKtYilpfKC9MDUFYrrm4Vxstf1eOO43dU90A5ufD5nVW1Umof4A-z1EEIc9C1kX3ffmjm05U4khoYmK1ZqljK3wZ8J9-TCmO4QFGBla55_ayC46I5PrBi4g0eT0QTaORlv8CMYeQ0UyaFCN5SrIC-9YXs1YJhUhJPjvs8dsPWlOm2s01qMznST_bJLNbY1bikzr3wBQbC-q7JaYcAEsuDYsKUE4AQDiAWEjIyRTJAGAaAGToAHvr74N6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgKAISL39wTpYysCbpLWuhAOACgGYCwHICwGADAGqDQJVU7AT2YnHFMgTkoay4wPYEwqIFAjYFAHQFQH4FgGAFwHoFwU&sigh=GIr7y9z9JLE&label=part2viewed&ad_mt=6&acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D767937960%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D396969901&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1708036899688
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 22:41:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 12A7
0
380 B
Image
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstMgAo3rjBzg42Q9ZmZ0ReJr0fexttBsCag5agBpCFv5Iy_srSSlIIChWCpdffyPZbWQpGkWEZETXoDtz4csxu6Q0dA1LTdBiPVWI1qkgpXkpsIA3P-fPAgJg3ruoxHYS-WRxkyhnUPSqZC5h-krAF4xBuWpKKyHTbjVacAJ6FpQ6-3Z_7iM5w3rxUYHFxtLdBexIhsiKuuuIM_XLMXGKd4__u_cRnZAadMqPEj7v2x6zNqhhINHLlxsV25RhNEJH40ST_atAzSUxuCCgAKls9oXaVjXW7SrpR_NkQfLu911yf8Wa12Dcqy2io4twUQycUDtbG6aKaggyCQwwxOm3b6rxT_0YyVik1LeWBMatUK5Ukk7kRHO55iYCFCjpeHdQfcNu04K9cEJlxnVKWd3Sy5UlPEGyylA-TrgpGlwj-cLcNx3DpkB7dEpRKL13Dv_w2PEdzDe979yROdW9CMQnswIGi0MDXcOFwvQBrRIghco6gmrUhTQKJ4oKpU9QI81gagIyf7eiZckRSOksY2tY1FaD1aw3fOuFsSk8xefRbH97ISjBBpbB4gckXyR_Vrrw_UQgkkrjOd9WVRpuJv7RJQmCVaejE6OqjJP2vubhEvrFnwoWXFP0SSXPNkS_JsTNf8g5LoUyXAZBzLyzB80-kbkAFl8vDJw8SSHcyNi7Pzxsz8pJicNOkV50-XNfqcTzvcBDGG8ZxCsINdDvHwdP6D-bO7Q2rheYXyuzeNlSABVtrP8PMcIC9qWrowzrH2zYyAdhhwV-P5GfI1wFBChqeIt1NjjN7rbsSL2wFbAeC7fJG2B_58dZHQx-da92_qfZH8T6uotUL1u69c38oK_vJGRR22OSkNzVs1eg_IZWr3kBy22bDXgECZH_fhFbIlX66O5VPrLar7riI4JXwZkMGqfFIDz6oDXMSFrBDmasmqV2rIkAwWyBvqxyCed2XzYp7cPiK8jtQPX_HzkAH9ywxtzlf_R-5OUdhb5kG_D-G-vok3g1ymtPCqXciZpIdx7fgqvlpWSS7gsTUmovF5bDOlJKXGgZGaXAgTxilPyoVvUW2zuXTGxssTtiAD2ld8B-Fpsx-aW0OpcJ-ESecoP-b5WD_cQ3UffbYYNWExtecsU0-kTzVPJfRwoNGFLk36r_OmI4mCXPR09F5ld2Ki2zq98OCiYmSTs5Aj3X8gY9a7ofIkg0h7JPXqIO668x7N9plVaTPsXQKNErQ8BrijBBlqumHHhdSn4UqPlc_7H5u_0NYUQOzWWARrEjdLocVNoIDjAiCkeZzv-OT4zQ&sai=AMfl-YRvv5YQvmnZL3-GnweWVWo5z43AAfbzemYdzAYT_TCgrqY1imV-gkdQyeoPHFsazjd8T2tJXjz_ymcDN7sxwbEazcd-ET3FSjj6Z9k3WGxvPz6y_ZokMm1U7fDFgwbXbCQ-uNOnW4HNoPBWB9azxu9q7Gx5RMlxpUzFuEEJjtkaKdFIazeWoq32UyR49Xo_S6pjckEnZ6Lpun7ZarcqEzK6aGq-jBcyLdEtM9A1Uer5vmjWOPLgXQgPtLCKJhl8ZPjphfViHAOJqgZznRglstue-RND21L4nau3Ow&sig=Cg0ArKJSzC2AZs8splFgEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 15 Feb 2024 22:41:39 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 15 Feb 2024 22:41:39 GMT
rum
dsum-sec.casalemedia.com/ Frame 12A7
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CL8BEMmpGBjhj6zzASABMAE&v=APEucNUXrTULK88tm2u50YzsgH5-RP50KZYonZOM_i4kEsxJprVJ_sQ4sKgSN9DBa5pO3gKZqbZznwsEBPBX7kP25XTuGEOIcWvLmP1KKM3BA5CJT0UdzFw
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc6TI9HM784AAFKqAGNsIAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNG0C9B2ruvcb9gQrCaxWk&google_cver=1
43 B
768 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNG0C9B2ruvcb9gQrCaxWk&google_cver=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 22:41:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LhXfi3fXpy%2BCBfvbdl4wEA12xCCdJXrFQsg7pzlrnHkelPMlDnbSg3SaWwJDor1WrJ7RaX3uXE7ccUKfVS8y7Xt1%2BNug%2Botsf219DtCLVWjNl%2FGwgYI1LbXyIiefbU4ZdYfxss1vr7RXPw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
85610f421a886da7-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Feb 2024 22:41:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNG0C9B2ruvcb9gQrCaxWk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 12A7
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 22:41:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 12A7
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssM0HoIMT4QYAqxXqbHldbSMpAdzzVroAtB9d4_wRMSoLeZFMiuEPc1yb8ZLsgDyUND8Pk0PfwYA9bsVe3i9ftJ5Onag_KjIROYOXu84xjGru434a76ssPCnwQwL3y4KPqZvdkUWM1U0NX66MtOvA&sai=AMfl-YQ027bTGZZX5DSk35T31gsr_KHwamr-M7lrae1DtJ-QL0LkgZu69Gk65HFH3nSttFyCX8wadCPztYwO3FYcxfvTk-QflC5ou-ZHEoBfepoCeTdwyULjpMdX4k8SYdb7wOTnFU26acEEXM67WM-e&sig=Cg0ArKJSzKONyYfQ51fLEAE&cid=CAQSTgAvHhf_2WlM-7wyjOarPYP6E1gIO13ZqeEIJOqMfPH7mdz6jUOoY2uBgNqI4PDPOjBeWwkHVFMfw-4tWtoFedYpt8kwJ1hrgDHTd_WfSBgB&id=lidarv&acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D767937960%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D396969900&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1708036899688&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 22:41:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 12A7
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CRKnWIZPOZZz4FO6i2OMPsI2cwAvG7ozbc4r43begEvAuEAEg4v30BWDJhoCA3KPEEMgBBagDAcgDmwSqBJsCT9AfJjHXW9tWzFKXmKV_8MMWwlm0U-O-Ciy_qeaRNr7ZikmVCkglSzxEMAABHTl80BJrxXS5PUDz6qGqtTsYdo2QzG1RSfJHt8NANLtYIN1PUJOVhrGcA49QzwRKrPJ29wYVUHuETn7wpoLM4Xo_cc1wkQPSJfOXFe7wyyXMSCvKtYilpfKC9MDUFYrrm4Vxstf1eOO43dU90A5ufD5nVW1Umof4A-z1EEIc9C1kX3ffmjm05U4khoYmK1ZqljK3wZ8J9-TCmO4QFGBla55_ayC46I5PrBi4g0eT0QTaORlv8CMYeQ0UyaFCN5SrIC-9YXs1YJhUhJPjvs8dsPWlOm2s01qMznST_bJLNbY1bikzr3wBQbC-q7JaYcAEsuDYsKUE4AQDiAWEjIyRTJAGAaAGToAHvr74N6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgKAISL39wTpYysCbpLWuhAOACgGYCwHICwGADAGqDQJVU7AT2YnHFMgTkoay4wPYEwqIFAjYFAHQFQH4FgGAFwHoFwU&sigh=GIr7y9z9JLE&label=vast_creativeview&ad_mt=6&acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D5%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D767937960%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D396969903&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1708036899688
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 22:41:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 12A7
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lsnt2i0u&c=4263963147547&slotId=2131981573773.5&qqid=CNyMnqS1roQDFW4RdgYdsAYHuA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1841&mt=video%2Fmp4&vs=1024x576&dm=30000&ple=0&umsem=0&event_name=first_play&asset_bytes=199914&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.1ye~ff.1yq~videopreviewstarted.1yr
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4005:80d::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 22:41:39 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 12A7
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssM0HoIMT4QYAqxXqbHldbSMpAdzzVroAtB9d4_wRMSoLeZFMiuEPc1yb8ZLsgDyUND8Pk0PfwYA9bsVe3i9ftJ5Onag_KjIROYOXu84xjGru434a76ssPCnwQwL3y4KPqZvdkUWM1U0NX66MtOvA&sai=AMfl-YQ027bTGZZX5DSk35T31gsr_KHwamr-M7lrae1DtJ-QL0LkgZu69Gk65HFH3nSttFyCX8wadCPztYwO3FYcxfvTk-QflC5ou-ZHEoBfepoCeTdwyULjpMdX4k8SYdb7wOTnFU26acEEXM67WM-e&sig=Cg0ArKJSzKONyYfQ51fLEAE&cid=CAQSTgAvHhf_2WlM-7wyjOarPYP6E1gIO13ZqeEIJOqMfPH7mdz6jUOoY2uBgNqI4PDPOjBeWwkHVFMfw-4tWtoFedYpt8kwJ1hrgDHTd_WfSBgB&id=lidarv&acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,160,119,369%26tos%3D2003,0,0,0,0%26mtos%3D2003,2003,2003,2003,2003%26amtos%3D0,0,0,0,0%26mcvt%3D2003%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2165%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D43%26pst%3D202%26dur%3D30037%26vmtime%3D2174%26dtos%3D2003%26dtoss%3D1%26dvs%3D2003%26dfvs%3D2003%26dvpt%3D2165%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D767937960%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2003%26co%3D396969904&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1708036899688
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 22:41:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.xx.fbcdn.net
URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yE/l/en_US/Q56gP7IVe8z.js?_nc_x=Ij3Wp8lg5Kz

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| a2a_config object| a2a_localize string| ajaxurl function| gtag object| dataLayer object| penciBlocksArray object| portfolioDataJs object| PENCILOCALCACHE function| penciBlock object| adsbygoogle string| GoogleAnalyticsObject function| ga object| scriptParams object| tocplus object| ajax_var_more object| ajax_var object| PenciTOC object| a2a function| a2a_init function| PenciISJson function| onYouTubeIframeAPIReady string| video_postmessage_event_func string| video_postmessage_event undefined| $ function| jQuery function| LazyLoad function| jarallax function| VideoWorker function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| addComment function| Cookies function| a2a_show_dropdown function| a2a_miniLeaveDelay number| a2apage_init function| fbAsyncInit object| twttr object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __twttrll object| __twttr object| FB object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| __gcse object| googletag object| __buffer function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| GoogleGcLKhOms object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NmJkMDNkMzA4MjgyYWVmMGxvYWRlcl9qcw== string| NmJkMDNkMzA4MjgyYWVmMGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error object| google_image_requests boolean| fde7fd53-fd84-4e9f-8969-5c9ca162677d

16 Cookies

Domain/Path Name / Value
krank.de/ Name: PHPSESSID
Value: 7v61uiup4r36abthms8dcebka7
.krank.de/ Name: _gid
Value: GA1.2.1112546001.1708036897
.krank.de/ Name: _gat
Value: 1
.krank.de/ Name: _ga_QVNJPTS5GE
Value: GS1.1.1708036896.1.0.1708036896.0.0.0
.krank.de/ Name: _ga
Value: GA1.1.1833592369.1708036897
.krank.de/ Name: _ga_N88Q73T6W9
Value: GS1.2.1708036897.1.0.1708036897.0.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUnASZ1RBTn7OV_O1sR83sd94K9cCqvujSYOJ1ATXs3CgT8An8VfYlb5keCFhwE
.krank.de/ Name: __gads
Value: ID=3efe132a8242d27d:T=1708036898:RT=1708036898:S=ALNI_MYWgrSpLjCELBj2StpW0i1araRFYA
.krank.de/ Name: __gpi
Value: UID=00000dca427b6bf5:T=1708036898:RT=1708036898:S=ALNI_MZn_E8qJlcWMpG08pW_LSsOITFTfQ
.krank.de/ Name: __eoi
Value: ID=4ba3e3b4877c868d:T=1708036898:RT=1708036898:S=AA-AfjYop7zCYJ4LmNkkJwAsdXWV
.doubleclick.net/ Name: APC
Value: AfxxVi6OMfexVyP9FWkOpu4VoeoPwnx7g9Ed_8Sva123vHs7hnCuOw
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.krank.de/ Name: FCNEC
Value: %5B%5B%22AKsRol9fYzIuFAkYyABEFxSoOGFfyWTY7Eal10wHDcxS0kqB4wmwNThqgRcBxSGO2ko692dtPSEgcCDLEWDsrKc1_EDgTLGh0G4vtaZ-19ADYgjPZZsIF5HyEnuuaTQ-MQk2mEwuhHnZ6ov-mquN-ac-uvsdpLCkSQ%3D%3D%22%5D%5D
.casalemedia.com/ Name: CMID
Value: Zc6TI9HM784AAFKqAGNsIAAA
.casalemedia.com/ Name: CMPS
Value: 1516
.casalemedia.com/ Name: CMPRO
Value: 1516

38 Console Messages

Source Level URL
Text
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://krank.de/produktcheck/nierexin/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
bid.g.doubleclick.net
cm.g.doubleclick.net
connect.facebook.net
cse.google.com
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
krank.de
pagead2.googlesyndication.com
platform.twitter.com
r4---sn-q4fl6n66.c.2mdn.net
static.addtoany.com
static.admin.nhassetsulf3aad9c0b224ce0fom.nierexin.de
static.xx.fbcdn.net
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
static.xx.fbcdn.net
104.18.36.155
104.244.42.136
172.253.115.155
172.253.122.155
172.253.62.157
2404:6800:4005:80d::2003
2606:2800:220:de:468:2285:c1:4a3
2606:4700:10::ac43:2794
2607:f8b0:4000:7::9
2607:f8b0:4004:c06::64
2607:f8b0:4004:c06::65
2607:f8b0:4004:c07::64
2607:f8b0:4004:c07::9b
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c08::93
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c17::5f
2607:f8b0:4004:c17::9a
2607:f8b0:4004:c1b::61
2607:f8b0:4004:c1b::84
2607:f8b0:4004:c1d::9a
2607:f8b0:4004:c1f::8b
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
35.204.103.237
62.116.173.69
047043c63214ab371ba64e454267f5c75cee938b7cf50282c88714652d2745f1
0c6ba4901cfb68b03ca9a97ce1d7cbb688d6802c60819dd7cea0522aca8a0576
10c862b5bdfdde6433f46d926d5715cd2cf9578f2bbb248fa7b38b00d142e0ed
121e938e1bf737d88f63ab06c7eea1ac42dcf748bee7076624fb35bd0252e45e
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
198d6d513b26128ddbb294a9ff929fa1e8b297e00feb0929204558ed56cb6015
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
219b652de3176257072749c876811cc963494f5fbdee3f92eb38e7392f724ce0
23e34a4d2e66a171b4174039588c3798f5c2e9b1233824e3771edcde145ea031
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2a076b7d7089628be1ecd036b9b49e0faf5a300138c500fad100b6d03494e310
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bc5b6d2e8459d438a3ba116d12e11c71fa1c2deac8191dce05d5a40d125529f
320f88c7a9672864d92d9369cde081ba7c6e9a27cd0592755b011be432373882
34c2528db29af28ba40106ece5fa4b7a8f77885600c9d13f5c345f931d7346fa
390bb80c8ec894a3669df1522e5f88b9f1c2a7dc7b2a6aa39ea8a6401b1aea80
3be9af8a0c1068b25ad658c1f76f9250c6f06e258eef5ef812988f3713d4a270
3c9e7e961c8ae48bc5c643637c1ca200f7b3752fb57419eec5cb51c78564aab3
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
470582e3235b6e021cabed1a37d07d36d75434e909a973f47dfbcc6195e12bc8
47eafc65bbeb7515dcfe85efe45059847fbc09223f7761beab225a28baf52703
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b586b9980faa3895fedc82d3f7946549046f48ab48b532d2b84d9b90a1a684
58a36c9d2d7facbb5fc14fecad869c20f75c214cfb161d91f35bffdb4a88f642
58c7b6bffabba04d72d8077b9efcfb4f7a6478b9e66c5b07a3a32e3cda3b1877
5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2
5db39a62ee9abcc30a30b63fcf2915e123217f6d2ff2a6a668198635386d61b3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e4934d2c387e78bd8b8f0a1cce67a472358d26d301153e0dd31358601900f46
705ddd320c7afe5895ed0bb7438874918110baaaec1ad4b7da72bd13de82f96d
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
7168087d5f93da952708be1bc84670514ddd73087ddd4241d7aa06be86a2f57f
74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f
78dd178ff66f034243ba67028188168437b4bbc86653a8517025d8daa2d70dc2
806275f26f49e72e115496ca209ecd55906979acfb873d56c08e70bb682764cd
844208d3f740c48ca14df4373b0d232cb9e81f3934b53114833ca717b03a90f5
8a0c2d19994862c37c9357aee09cea368c983479a6c64600bbaa008581954fe6
8a3d8c061a2a585985a71d5b1a45c424c5bc79b310c86b4731b5bececf5ea5df
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
9858aba970f31a0ffac37a23df86b15aac549d4ad87adc33a3d11becc8325e67
9ee1397f4da0e0c981a979bc1ea43be1d0c28bf3619636df8ab9dc09fa770aaf
a4d94af534c700b4cc663a664528a8578fb4f73f09df71d98f331f70ae8f101b
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
a666d63d10ea6ad17137008823c317df39dcfd146fc439c55eb3f75a26efc498
a83788811cd52eb54fe35da0ba0c1c034c692f1e745d08e31edc75448ed727b1
a955b5d86b03b44b4bec0819234fb3ce63a54e0d92b10a7bb2e24b2d30e54369
ab86f686b2e5133d5a05b7a94d1294ad711858e6aef9a931118ab1d8f1e2600d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aebd49f91e8e9671577086d10e958616b663034fa0b277fa7b4bd55f9babac14
af4c84fcb96d6c5196962f37e21219803c78f91731087f13a748fab505f4b4dc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b199ed28ba39e8d3bdc0d2860b8f710808796f2c7272406178010428f509d397
b6f357810e9cd8f0aeca7b0cd526dc72d9230dce6958843f80bf104f940b5626
b738bf74f1670331a09929a243b3e23ad16534d34ae62781d34467fd05545ba4
c50bb71f20a61203de11a648c2bc3cbd123fe7b801f8d3efd217fbb33f093ba5
d351abe30325db105fed7efd6f8a9ee698fd888d13948bb9c8f7b183c59ace78
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
d62261bfdda45a21496d6c16731123a2105033b3537dc5415c0923d8e6584c6c
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d73a2da9645c4a8b90bc9e0b7540e05ee374ea8d0db34369fa79f5593b19df77
da159f4f0f5692cf42518d9d01efbc33de5df8686f23ec1c5cac5ea33d6b2b1a
dcd7fd1982e2105e8c76d8fcd947d802f0a40b0dfa13150c8fb4bd6c4eb3d7e1
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c9b42faf3f0a512726e089d183e41273f3ffe8cbed79a8d804a5ebaa249387
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f55669014850f629a831ea014cf4994bc2c2d4f183178367880529a82bac9bba
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c