krank.de Open in urlscan Pro
35.204.103.237 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://static.admin.nhassetsulf3aad9c0b224ce0fom.nierexin.de/
Effective URL:
https://krank.de/produktcheck/nierexin/
Submission: On February 15 via api (February 15th 2024, 10:41:43 pm UTC) from US — Scanned from US

Summary HTTP 106 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 16 domains to perform 106 HTTP transactions. The main IP is 35.204.103.237, located in Groningen, Netherlands and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is krank.de.
TLS certificate: Issued by R3 on February 3rd 2024. Valid for: 3 months.

This is the only time krank.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	62.116.173.69 62.116.173.69	15456 (INTERNETX-AS) (INTERNETX-AS)
12	35.204.103.237 35.204.103.237	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::61	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:4004:c07::9b	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c07::64	15169 (GOOGLE) (GOOGLE)
1 5	2607:f8b0:400... 2607:f8b0:4004:c08::93	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1f::8b	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:2800:220... 2606:2800:220:de:468:2285:c1:4a3	15133 (EDGECAST) (EDGECAST)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::9a	15169 (GOOGLE) (GOOGLE)
2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1 10	2607:f8b0:400... 2607:f8b0:4004:c17::9a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
11	2607:f8b0:400... 2607:f8b0:4004:c06::65	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4004:c1b::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::5f	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c17::5f	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4005:80d::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
2	172.253.115.155 172.253.115.155	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:400... 2607:f8b0:4004:c06::64	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4000:7::9	15169 (GOOGLE) (GOOGLE)
1	172.253.62.157 172.253.62.157	15169 (GOOGLE) (GOOGLE)
2 3	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.253.122.155 172.253.122.155	15169 (GOOGLE) (GOOGLE)
106	24

1 62.116.173.69 (Regensburg, Germany) 1 redirects

ASN15456 (INTERNETX-AS, DE)
PTR: lb-2.avenso.net

static.admin.nhassetsulf3aad9c0b224ce0fom.nierexin.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 35.204.103.237 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: word1.hyro.ag

krank.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4004:c07::9b (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c07::64 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c08::93 (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1f::8b (Washington, United States)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f003:100:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:220:de:468:2285:c1:4a3 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4004:c17::9a (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f103:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4004:c06::65 (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c1b::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::5f (Washington, United States)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4005:80d::2003 (Hong Kong)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::64 (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4000:7::9 (United States)

ASN15169 (GOOGLE, US)

r4---sn-q4fl6n66.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.62.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.155 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158 ade.googlesyndication.com — Cisco Umbrella Rank: 307	350 KB
17	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 cse.google.com — Cisco Umbrella Rank: 3353 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 659	191 KB
14	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 113 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 bid.g.doubleclick.net — Cisco Umbrella Rank: 1015 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 551 cm.g.doubleclick.net — Cisco Umbrella Rank: 278	60 KB
12	krank.de krank.de	690 KB
10	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4212	35 KB
7	gstatic.com csi.gstatic.com fonts.gstatic.com	32 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1221 syndication.twitter.com — Cisco Umbrella Rank: 1517	148 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48 imasdk.googleapis.com — Cisco Umbrella Rank: 476	137 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	21 KB
3	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 696	2 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1326 r4---sn-q4fl6n66.c.2mdn.net — Cisco Umbrella Rank: 133651	949 B
3	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 1042	138 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	32 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	90 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	177 KB
1	nierexin.de 1 redirects static.admin.nhassetsulf3aad9c0b224ce0fom.nierexin.de	155 B
106	16

	Domain	Requested by
14	pagead2.googlesyndication.com	krank.de pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
12	krank.de	krank.de
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
10	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
10	static.addtoany.com	krank.de static.addtoany.com
7	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net imasdk.googleapis.com
5	csi.gstatic.com	imasdk.googleapis.com
5	www.google.com	1 redirects www.google.com tpc.googlesyndication.com
4	platform.twitter.com	static.addtoany.com platform.twitter.com
4	www.google-analytics.com	krank.de www.google-analytics.com www.googletagmanager.com
3	dsum-sec.casalemedia.com	2 redirects
3	imasdk.googleapis.com	googleads.g.doubleclick.net
3	static.xx.fbcdn.net	www.facebook.com
2	r4---sn-q4fl6n66.c.2mdn.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.facebook.com	connect.facebook.net
2	syndication.twitter.com	platform.twitter.com krank.de
2	connect.facebook.net	static.addtoany.com connect.facebook.net
2	www.googletagmanager.com	krank.de www.google-analytics.com
1	cm.g.doubleclick.net	1 redirects
1	googleads4.g.doubleclick.net
1	ade.googlesyndication.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	cse.google.com	krank.de
1	static.admin.nhassetsulf3aad9c0b224ce0fom.nierexin.de	1 redirects
106	28

This site contains links to these domains. Also see Links.

Domain
www.nierexin.de
bit.ly
www.facebook.com
twitter.com
www.pinterest.com
www.instagram.com
www.addtoany.com

Subject Issuer	Validity	Valid
krank.de R3	`2024-02-03` - `2024-05-03`	3 months	crt.sh
static.addtoany.com E1	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-25` - `2024-02-23`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
syndication.twitter.com R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-16` - `2024-03-26`	2 months	crt.sh

This page contains 15 frames:

Primary Page: https://krank.de/produktcheck/nierexin/
Frame ID: 56E0AC507D27BB9E99E0D460D2504275
Requests: 55 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: 2EC6FFC4343DD4475DF28DC4DE14D734
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fkrank.de
Frame ID: 40DE6026A0801F9B9E6285A85C4B75C8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&adk=1812271804&adf=3025194257&lmt=1708036897&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&pra=7&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708036896880&bpp=3&bdt=1014&idt=241&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3988413416326&frm=20&pv=2&ga_vid=1833592369.1708036897&ga_sid=1708036897&ga_hid=264240961&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081107%2C31081141%2C31081186%2C44795922%2C44809004%2C95322748%2C95324580%2C95325068%2C31081134%2C95322195%2C95324155%2C95324161&oid=2&pvsid=4379613268922677&tmod=1571125535&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=272
Frame ID: A0F0144B02CC9D84DAADF5464D1E6EB6
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: DF0B337422EB30993EE2B60E688C892A
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v17.0/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb671d447ea32fc1b%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff8f98aba43ce0847b%26relation%3Dparent.parent&container_width=82&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90
Frame ID: EBECE1FA640593F6E31F2F05047216EE
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7176323234405639&output=html&h=280&adk=1738339010&adf=2497329281&pi=t.aa~a.3479421391~i.8~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1708036898&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708036897906&bpp=2&bdt=2040&idt=-M&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3988413416326&frm=20&pv=1&ga_vid=1833592369.1708036897&ga_sid=1708036897&ga_hid=264240961&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1958&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081107%2C31081141%2C31081186%2C44795922%2C44809004%2C95322748%2C95324580%2C95325068%2C31081134%2C95322195%2C95324155%2C95324161&oid=2&pvsid=4379613268922677&tmod=1571125535&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=165
Frame ID: 308CF271A36DAE084C6581E291FB756C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7176323234405639&output=html&h=280&adk=1738339010&adf=2569360964&pi=t.aa~a.3479421391~i.13~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1708036898&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708036897906&bpp=1&bdt=2040&idt=-M&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=3&correlator=3988413416326&frm=20&pv=1&ga_vid=1833592369.1708036897&ga_sid=1708036897&ga_hid=264240961&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081107%2C31081141%2C31081186%2C44795922%2C44809004%2C95322748%2C95324580%2C95325068%2C31081134%2C95322195%2C95324155%2C95324161&oid=2&pvsid=4379613268922677&tmod=1571125535&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=238
Frame ID: 8D62269DF5B3689375D09FDCAA85EDF0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7176323234405639&output=html&h=280&adk=1738339010&adf=3345664795&pi=t.aa~a.3479421391~i.15~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1708036898&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708036897906&bpp=1&bdt=2040&idt=-M&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=3988413416326&frm=20&pv=1&ga_vid=1833592369.1708036897&ga_sid=1708036897&ga_hid=264240961&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3240&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081107%2C31081141%2C31081186%2C44795922%2C44809004%2C95322748%2C95324580%2C95325068%2C31081134%2C95322195%2C95324155%2C95324161&oid=2&pvsid=4379613268922677&tmod=1571125535&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=243
Frame ID: 8B744EBC9C9B5E417237AAD96137AF2C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7176323234405639&output=html&h=280&adk=1738339010&adf=2600070758&pi=t.aa~a.3479421391~i.33~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1708036898&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708036897906&bpp=1&bdt=2040&idt=-M&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280%2C1140x280&nras=5&correlator=3988413416326&frm=20&pv=1&ga_vid=1833592369.1708036897&ga_sid=1708036897&ga_hid=264240961&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=4799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081107%2C31081141%2C31081186%2C44795922%2C44809004%2C95322748%2C95324580%2C95325068%2C31081134%2C95322195%2C95324155%2C95324161&oid=2&pvsid=4379613268922677&tmod=1571125535&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=248
Frame ID: F7D6504EDBA22331C08B632971DC795D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 12A7F1246E02BECF3A55B27EB9F0971D
Requests: 29 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D7BC5B818459C5B3C229C1EDB00D63E7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7D2D348B4BB14ED87E3646165CCF056B
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v17.0/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15f73809b848b4a6%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff8f98aba43ce0847b%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90
Frame ID: 898B7EC26F99FFB5E92EE698820CD760
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 13E7D9E9BEF772796DC6054F783E56EA
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nierexin Produktcheck - Bewertung - Produkt im Test » Krank.de

Page URL History Show full URLs

https://static.admin.nhassetsulf3aad9c0b224ce0fom.nierexin.de/ HTTP 307
https://krank.de/produktcheck/nierexin/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

106
Requests

96 %
HTTPS

73 %
IPv6

16
Domains

28
Subdomains

24
IPs

5
Countries

2101 kB
Transfer

11067 kB
Size

16
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://www.nierexin.de/
Title: http://Nierexin.de

Search URL Search Domain Scan URL

URL: https://bit.ly/nierexin
Title: Nierexin

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://krank.de/produktcheck/nierexin/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Check%20out%20this%20article:%20Nierexin%20-%20https://krank.de/produktcheck/nierexin/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&media=https%3A%2F%2Fkrank.de%2Fwp-content%2Fuploads%2F2020%2F06%2FNierexin.jpg&description=Nierexin
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.facebook.com/krank.de/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/Krank_de
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/krank.de/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://static.admin.nhassetsulf3aad9c0b224ce0fom.nierexin.de/ HTTP 307
https://krank.de/produktcheck/nierexin/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei HTTP 301
https://cse.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

Request Chain 80

https://gcdn.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/B7FF5CBD00430A1B20E3D7D8AC1E1D5B8C9B36C0.36E638E93EE6C01EF4CB76F65DB1F3786D0B141A/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-q4fl6n66.c.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4C06D1C855CB7537A7466E7EDA4AE47DC1C93138.104EF5DE74E6BAF799582E516B3364A9E4500545/key/cms1/cms_redirect/yes/mh/p_/mip/2001:550:1d05:1::10/mm/42/mn/sn-q4fl6n66/ms/onc/mt/1708036617/mv/m/mvi/4/pl/48/file/file.mp4

Request Chain 101

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL8BEMmpGBjhj6zzASABMAE&v=APEucNUXrTULK88tm2u50YzsgH5-RP50KZYonZOM_i4kEsxJprVJ_sQ4sKgSN9DBa5pO3gKZqbZznwsEBPBX7kP25XTuGEOIcWvLmP1KKM3BA5CJT0UdzFw HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc6TI9HM784AAFKqAGNsIAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNG0C9B2ruvcb9gQrCaxWk&google_cver=1

106 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
krank.de/produktcheck/nierexin/
Redirect Chain

https://static.admin.nhassetsulf3aad9c0b224ce0fom.nierexin.de/
https://krank.de/produktcheck/nierexin/

84 KB
22 KB

564ms
270ms

Document
text/html

35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/produktcheck/nierexin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

2a076b7d7089628be1ecd036b9b49e0faf5a300138c500fad100b6d03494e310

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 15 Feb 2024 22:41:35 GMT
server: nginx
strict-transport-security: max-age=63072000
vary: Accept-Encoding

Redirect headers

content-length: 75
content-type: text/html; charset=utf-8
date: Thu, 15 Feb 2024 22:41:34 GMT
location: https://krank.de/produktcheck/nierexin/
x-redirector-id: 029030e28f9053d8ace67c987a9e4227443b2ede73eda74f335229f3182ca63c

GET
H2 200 autoptimize_2b6f76121c1edfca32982892e2a32bd2.css
krank.de/wp-content/cache/autoptimize/css/ 2 MB
300 KB 140ms
138ms Stylesheet
text/css 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/nierexin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

34c2528db29af28ba40106ece5fa4b7a8f77885600c9d13f5c345f931d7346fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/produktcheck/nierexin/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:35 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Sat, 20 May 2023 09:10:20 GMT
server: nginx
etag: W/"64688e7c-19417c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ebs_dynamic_css.php
krank.de/wp-content/plugins/easy-bootstrap-shortcodes/styles/ 0
274 B 278ms
277ms Stylesheet
text/css 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/plugins/easy-bootstrap-shortcodes/styles/ebs_dynamic_css.php

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/nierexin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/produktcheck/nierexin/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 22:41:35 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 101ms
41ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/nierexin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a3d8c061a2a585985a71d5b1a45c424c5bc79b310c86b4731b5bececf5ea5df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11114
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"257f9651f9cfd949f6dde30f51352116"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61Oh46qRQeKE1XSZgZwbHVrNOeUVWAic5XuaSvHIPRT4r%2BmS9RZ6PHw6d%2BslHi1nulbbL0v%2BizdY4S434b0JOJSvDyVAykpAHMLkSVIJOP%2FjwE1KwkvnmHLMlgVvKwOCvg5N%2BJI1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-ray: 85610f2b1b6f7420-MIA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
92 KB 304ms
60ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QVNJPTS5GE

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/nierexin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

121e938e1bf737d88f63ab06c7eea1ac42dcf748bee7076624fb35bd0252e45e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93766
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 15 Feb 2024 22:41:36 GMT

GET
H2 200 krank-logo.gif
krank.de/wp-content/uploads/2017/09/ 5 KB
5 KB 277ms
276ms Image
image/gif 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://krank.de/wp-content/uploads/2017/09/krank-logo.gif

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/nierexin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

b738bf74f1670331a09929a243b3e23ad16534d34ae62781d34467fd05545ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/produktcheck/nierexin/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:35 GMT
strict-transport-security: max-age=63072000
last-modified: Tue, 19 Sep 2017 14:28:58 GMT
server: nginx
etag: "59c129aa-1523"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5411
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 penci-holder.png
krank.de/wp-content/themes/soledad-theme/soledad/images/ 125 B
332 B 277ms
277ms Image
image/png 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://krank.de/wp-content/themes/soledad-theme/soledad/images/penci-holder.png

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/nierexin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/produktcheck/nierexin/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:35 GMT
strict-transport-security: max-age=63072000
last-modified: Fri, 27 May 2022 19:02:46 GMT
server: nginx
etag: "62912056-7d"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 125
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 329ms
92ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/nierexin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

047043c63214ab371ba64e454267f5c75cee938b7cf50282c88714652d2745f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51545
x-xss-protection: 0
server: cafe
etag: 16544720189357361442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 15 Feb 2024 22:41:36 GMT

GET
H2 200 copyscape-seal-blue-120x100.png
krank.de/wp-content/uploads/2017/02/ 4 KB
4 KB 136ms
135ms Image
image/png 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://krank.de/wp-content/uploads/2017/02/copyscape-seal-blue-120x100.png

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/nierexin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

d73a2da9645c4a8b90bc9e0b7540e05ee374ea8d0db34369fa79f5593b19df77

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/produktcheck/nierexin/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security: max-age=63072000
last-modified: Sun, 26 Feb 2017 20:32:54 GMT
server: nginx
etag: "58b33b76-101a"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 4122
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 autoptimize_8b2e4f5d7e47c6afe7e19f9bc8860dcb.js Show response
krank.de/wp-content/cache/autoptimize/js/ 370 KB
121 KB 138ms
138ms Script
application/javascript 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/cache/autoptimize/js/autoptimize_8b2e4f5d7e47c6afe7e19f9bc8860dcb.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/nierexin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

a83788811cd52eb54fe35da0ba0c1c034c692f1e745d08e31edc75448ed727b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/produktcheck/nierexin/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Fri, 20 Jan 2023 15:24:24 GMT
server: nginx
etag: W/"63cab228-5c795"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 290ms
51ms Script
text/javascript 2607:f8b0:4004:c07::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/nierexin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Feb 2024 21:00:24 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6072
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 15 Feb 2024 23:00:24 GMT

GET
H2 200 fontawesome-webfont.woff2
krank.de/wp-content/themes/soledad-theme/soledad/fonts/ 75 KB
76 KB 139ms
137ms Font
application/octet-stream 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/themes/soledad-theme/soledad/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: krank.de
URL: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css
Origin: https://krank.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security: max-age=63072000
last-modified: Fri, 27 May 2022 19:02:46 GMT
server: nginx
etag: "62912056-12d68"
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 77160
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 penciicon.ttf
krank.de/wp-content/themes/soledad-theme/soledad/fonts/ 33 KB
33 KB 149ms
148ms Font
application/octet-stream 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/themes/soledad-theme/soledad/fonts/penciicon.ttf

Requested by

Host: krank.de
URL: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

0c6ba4901cfb68b03ca9a97ce1d7cbb688d6802c60819dd7cea0522aca8a0576

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css
Origin: https://krank.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security: max-age=63072000
last-modified: Fri, 27 May 2022 19:02:46 GMT
server: nginx
etag: "62912056-8370"
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 33648
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 momizat.ttf
krank.de/wp-content/plugins/krank/fonts/icons/momizat/ 102 KB
102 KB 155ms
154ms Font
application/octet-stream 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/plugins/krank/fonts/icons/momizat/momizat.ttf

Requested by

Host: krank.de
URL: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

2bc5b6d2e8459d438a3ba116d12e11c71fa1c2deac8191dce05d5a40d125529f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css
Origin: https://krank.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security: max-age=63072000
last-modified: Wed, 11 Oct 2017 09:40:31 GMT
server: nginx
etag: "59dde70f-19748"
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 104264
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
krank.de/wp-content/plugins/krank/fonts/glyphicons/fonts/ 18 KB
18 KB 246ms
245ms Font
application/octet-stream 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/plugins/krank/fonts/glyphicons/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: krank.de
URL: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_2b6f76121c1edfca32982892e2a32bd2.css
Origin: https://krank.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security: max-age=63072000
last-modified: Wed, 11 Oct 2017 09:40:40 GMT
server: nginx
etag: "59dde718-466c"
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 18028
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 move-3605073_640-300x196.jpg
krank.de/wp-content/uploads/2020/06/ 8 KB
8 KB 212ms
211ms Image
image/jpeg 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://krank.de/wp-content/uploads/2020/06/move-3605073_640-300x196.jpg

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/nierexin/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

5db39a62ee9abcc30a30b63fcf2915e123217f6d2ff2a6a668198635386d61b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/produktcheck/nierexin/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security: max-age=63072000
last-modified: Thu, 04 Jun 2020 03:43:00 GMT
server: nginx
etag: "5ed86dc4-1f3e"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7998
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sm.25.html Show response
static.addtoany.com/menu/ Frame 2EC6 716 B
743 B 40ms
38ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.25.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
age: 9993
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 85610f2c5dbb7420-MIA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 15 Feb 2024 22:41:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNPmod7E3XJlqGN4nQ7%2BOZxqF10ezDuTaf6ywUW%2B7MplWLBH%2BQLe81cR2fKYEMjfVCPBtbMWwcZnzsPjTywQ2D8M7UCngHAcl6dduCqUS2xPmmH%2BtxQz%2B%2FzDvPyLmmFigu7jh3x4"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 core.Ep5bSEmr.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 105ms
48ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

219b652de3176257072749c876811cc963494f5fbdee3f92eb38e7392f724ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://krank.de/
Origin: https://krank.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10973
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"a995aaed2cd978eb5749462d1dc3635e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jZAqz4WAoB0JKUkIHLmkp4vAiJZgsmozAy0%2B1odrkezxuo%2BvBcfszJAGcVTMHmGhMn2PKe9RpoRRPEW2gQlJtir2KjkY%2FrIwW0lobTteOpI2fA1WJrcMzCfoycbKlxX1Lh%2FveSKJGCpVcRMLJ40rmLT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 85610f2c0fc44982-MIA

GET
H2

200

cse.js Show response
cse.google.com/cse/
Redirect Chain

https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei
https://cse.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

9 KB
4 KB

194ms
82ms

Script
text/javascript

2607:f8b0:4004:c1f::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/nierexin/

Protocol

Server

2607:f8b0:4004:c1f::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

198d6d513b26128ddbb294a9ff929fa1e8b297e00feb0929204558ed56cb6015

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-jT0Ps9FFDmCNTFzSobUxtA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-jT0Ps9FFDmCNTFzSobUxtA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Thu, 15 Feb 2024 22:41:36 GMT
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=

Redirect headers

date: Thu, 15 Feb 2024 22:22:24 GMT
x-content-type-options: nosniff
server: sffe
age: 1152
content-type: text/html; charset=UTF-8
location: https://cse.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 267
x-xss-protection: 0
expires: Thu, 15 Feb 2024 22:52:24 GMT

GET
H3 200 facebook.js Show response
static.addtoany.com/menu/svg/icons/ 430 B
869 B 44ms
42ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee1397f4da0e0c981a979bc1ea43be1d0c28bf3619636df8ab9dc09fa770aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Origin: https://krank.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24799
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3c6ccaafe275b5b477d0400b5847bbce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBUeKc3uZaTzdjPCM7EeTlVseM7DbZTY2Of9t96GtWU7oTtX2LSWwdwR0XH%2BwLYsl0BRaXfJS5CzqdqvSTHdiMYXMVafvC%2BWCWuWlgcuDRG%2B6ID%2BNsB7MXU%2Fm7JPuykWbUgzGA4Q3RrCUWA6yQJOeie9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 85610f2c6d2cd9b1-MIA

GET
H3 200 twitter.js Show response
static.addtoany.com/menu/svg/icons/ 695 B
942 B 55ms
53ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/twitter.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Origin: https://krank.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24799
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"31edccd311957616d32bbcad27fcf679"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmjK9kvc5Lje7r7FHcinH5c55tayGcPjhGJh%2FyqbaXzF%2F0qyWfKkLKGCyKKJNq2QqKC6GX6dY0298DrVME%2B0cAqQizQbKzxfEzS%2Fpy2lWqxUdMzN0x5TkgKBty7PNI6PfZGFI1cQ9UTjIPBnPP3LADBn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 85610f2c6d30d9b1-MIA

GET
H3 200 pinterest.js Show response
static.addtoany.com/menu/svg/icons/ 901 B
1 KB 45ms
43ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/pinterest.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab86f686b2e5133d5a05b7a94d1294ad711858e6aef9a931118ab1d8f1e2600d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Origin: https://krank.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24799
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"573fae6e51435ee7155601d053377d81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrbUQ%2BsPtiIcSf9JEx%2F6UzrLPZrAMMGsjyhH0TO8v6kfk3jafteJRDm12O1ozZyBbWTozXUnz7WPtd4%2BhypP9CBeCd6DHSkak0OpZooI1X1VNrpfTsY3kJGWYyZ7cMw4lo9iWMcqL4y7fvlTHFfX3pEj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 85610f2c6d32d9b1-MIA

GET
H3 200 whatsapp.js Show response
static.addtoany.com/menu/svg/icons/ 1 KB
1 KB 45ms
43ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/whatsapp.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

390bb80c8ec894a3669df1522e5f88b9f1c2a7dc7b2a6aa39ea8a6401b1aea80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Origin: https://krank.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24799
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"6a035bb94747645017c1cfe9f5801857"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HYFFV78Mb9TEcYMBQe%2BvuS4YOkBcONTqGrqk48gf7tb%2BGEe4WDCwRIp1y1iBFZQ%2FsSP9gFEF7vPwAzdQgxqUYFkFrY%2BYLuc87P5lP6rwE5kfQcPB8Pmexh7hpWZ1i9hMLgmYeBNusbetFjLNN02ytXQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 85610f2c6d35d9b1-MIA

GET
H3 200 facebook_messenger.js Show response
static.addtoany.com/menu/svg/icons/ 378 B
808 B 49ms
47ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook_messenger.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705ddd320c7afe5895ed0bb7438874918110baaaec1ad4b7da72bd13de82f96d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Origin: https://krank.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24799
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a7acd011eeba6d8c34c891c7c795d4e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDc0M6gmIylJVGovYHO7oYX3TYuchiQFFvlh1iBeQikRgtcI7HTxoTMRG5xYxSNRYJmLnhhpKjSuHSx%2Bk8GWHoMgHvqlUs7vmpL04cLsKKkB%2Ft43raW7BegpSRsGxrQBx%2FJoUKBJObgiWMc4KzLV%2FXwB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 85610f2c6d38d9b1-MIA

GET
H3 200 wordpress.js Show response
static.addtoany.com/menu/svg/icons/ 1 KB
1 KB 50ms
48ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/wordpress.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c9e7e961c8ae48bc5c643637c1ca200f7b3752fb57419eec5cb51c78564aab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Origin: https://krank.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24799
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"fed705ff9e8985758014dc0e4aca605e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90kED2AszxEn08qvuWDM19kpE3WUUN61Rc963jb%2BIm5CEzlcyR3MN8acne6pmkC17Q65iyXW30LwhC3J%2FYbqCWAZnAA4lxrW%2F16C18lVhEmATAu2zqHd1rluopxa4h1%2BZ1Xq3d0SgAEnRn%2FJbjFQtyhb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 85610f2c6d3ad9b1-MIA

GET
H3 200 email.js Show response
static.addtoany.com/menu/svg/icons/ 427 B
836 B 45ms
43ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/email.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b199ed28ba39e8d3bdc0d2860b8f710808796f2c7272406178010428f509d397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Origin: https://krank.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24799
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"48a669f03d3a3ea93ea22be8f12d6cc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHMHYqnoExKVBVyPSWtFdO6mYaDo3swGkiluGyrjzIELWqlFFG%2Fz26NH7gHbWd7tUU%2BXuBYKzu6leU2dO%2F15ltjtrdqhbCDOecPK3UFM3PgwMx9T2ixKP6S5Sk5chuyESiJlWnypkErxejJ8xJndeEU1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 85610f2c6d3bd9b1-MIA

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 165ms
56ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7168087d5f93da952708be1bc84670514ddd73087ddd4241d7aa06be86a2f57f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Feb 2024 22:41:36 GMT
content-md5: H/a4RzXLliOl0IyrekdFfw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: UsCPg8tm/4tgo+gy2E1YaxPWYLY4e2o7z7ggKgPymdvmyg+Uf3S0VOG8VcZDrvC8zVQO6zIQWJQm8+VB+WJqVw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: f174ce81319829583c7e2049491bb9ea
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "bb908bdc4c2b38cf9aa01aa2fd6e3863"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 15 Feb 2024 22:54:32 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 115ms
27ms Script
application/javascript 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mic/9B14) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Thu, 15 Feb 2024 22:41:36 GMT
Content-Encoding: gzip
Age: 765
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (mic/9B14)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
217 B 60ms
59ms XHR
text/plain 2607:f8b0:4004:c07::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=264240961&t=pageview&_s=1&dl=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&ul=en-us&de=UTF-8&dt=Nierexin%20Produktcheck%20-%20Bewertung%20-%20Produkt%20im%20Test%20%C2%BB%20Krank.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1004007409&gjid=2116736660&cid=1833592369.1708036897&tid=UA-75122288-1&_gid=1112546001.1708036897&_r=1&_slc=1&z=1964720126

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9858aba970f31a0ffac37a23df86b15aac549d4ad87adc33a3d11becc8325e67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://krank.de/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 22:41:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://krank.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html Show response
platform.twitter.com/widgets/ Frame 40DE 319 KB
104 KB 29ms
29ms Document
text/html 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fkrank.de
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mic/9B22) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5721613
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Thu, 15 Feb 2024 22:41:36 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mic/9B22)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 303 KB
87 KB 109ms
54ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e61d46fcac7243be47cf35120a653e5c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

56b586b9980faa3895fedc82d3f7946549046f48ab48b532d2b84d9b90a1a684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://krank.de/
Origin: https://krank.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Feb 2024 22:41:36 GMT
content-md5: 2R+10TH7kug6Y0SLjBb8rw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88665
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: zynwPuADeTlh7Z7zcrpJFIDBJ8qywev7MGWO7eM/qfpIhxNRDNM0s1zdsvHKaI8Qovv+vAI9BX9trxXtwaak0w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: acfb8e54867a3da028bb6512a318df19
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "8ead30e2e0d395644e0a939b78c45df0"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Fri, 14 Feb 2025 21:55:54 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/ 406 KB
138 KB 126ms
125ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a955b5d86b03b44b4bec0819234fb3ce63a54e0d92b10a7bb2e24b2d30e54369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140975
x-xss-protection: 0
server: cafe
etag: 7609416772702165368
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Feb 2024 22:41:36 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
341 B 223ms
59ms XHR
text/plain 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-75122288-1&cid=1833592369.1708036897&jid=1004007409&gjid=2116736660&_gid=1112546001.1708036897&_u=IEBAAEAAAAAAACAAI~&z=1229220633

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://krank.de/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 15 Feb 2024 22:41:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://krank.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
85 KB 73ms
72ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N88Q73T6W9&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e4934d2c387e78bd8b8f0a1cce67a472358d26d301153e0dd31358601900f46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86677
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 15 Feb 2024 22:41:36 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 40DE 870 B
657 B 166ms
46ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=4669b172ed50b98c32dc2390e04648fba95cbe79

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fkrank.de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-response-time: 6
date: Thu, 15 Feb 2024 22:41:36 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Thu, 15 Feb 2024 22:41:37 GMT
server: tsa_b
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 299432ce0b1c6d42
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7469935968
x-connection-hash: 19fcccb1e4558bc81ed95047cd0a1ab869118cd5f9e0faf975287299043e3b40
content-length: 338

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 66ms
65ms Ping
text/plain 2607:f8b0:4004:c07::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-QVNJPTS5GE&gtm=45je42c0v9100727719za200&_p=1708036896448&gcd=13l3l3l3l1&npa=0&dma=0&cid=1833592369.1708036897&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708036896&sct=1&seg=0&dl=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&dt=Nierexin%20Produktcheck%20-%20Bewertung%20-%20Produkt%20im%20Test%20%C2%BB%20Krank.de&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3049
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QVNJPTS5GE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c07::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 22:41:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://krank.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cse_element__de.js Show response
www.google.com/cse/static/element/8435450f13508ca1/ 318 KB
106 KB 57ms
54ms Script
text/javascript 2607:f8b0:4004:c08::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/8435450f13508ca1/cse_element__de.js?usqp=CAI%3D

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6f357810e9cd8f0aeca7b0cd526dc72d9230dce6958843f80bf104f940b5626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108420
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 16:43:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 15 Feb 2024 22:41:37 GMT

GET
H2 200 default+de.css
www.google.com/cse/static/element/8435450f13508ca1/ 41 KB
9 KB 176ms
175ms Stylesheet
text/css 2607:f8b0:4004:c08::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/8435450f13508ca1/default+de.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9068
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 16:43:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 15 Feb 2024 22:41:37 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 54ms
52ms Stylesheet
text/css 2607:f8b0:4004:c08::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 15 Feb 2024 23:13:21 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 60ms
60ms Ping
text/plain 2607:f8b0:4004:c07::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-N88Q73T6W9&gtm=45je42c0v9135301576za200&_p=1708036896448&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=1600x1200&cid=1833592369.1708036897&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&dt=Nierexin%20Produktcheck%20-%20Bewertung%20-%20Produkt%20im%20Test%20%C2%BB%20Krank.de&sid=1708036897&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3121
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N88Q73T6W9&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c07::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 22:41:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://krank.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK button.856debeac157d9669cf51e73a08fbc93.js Show response
platform.twitter.com/js/ 8 KB
3 KB 27ms
27ms Script
application/javascript 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mic/9B14) /
Resource Hash: 426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Thu, 15 Feb 2024 22:41:37 GMT
Content-Encoding: gzip
Age: 5721611
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2620
Last-Modified: Mon, 11 Dec 2023 17:19:47 GMT
Server: ECS (mic/9B14)
Etag: "fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A0F0 123 KB
34 KB 499ms
392ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&adk=1812271804&adf=3025194257&lmt=1708036897&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&pra=7&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708036896880&bpp=3&bdt=1014&idt=241&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3988413416326&frm=20&pv=2&ga_vid=1833592369.1708036897&ga_sid=1708036897&ga_hid=264240961&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081107%2C31081141%2C31081186%2C44795922%2C44809004%2C95322748%2C95324580%2C95325068%2C31081134%2C95322195%2C95324155%2C95324161&oid=2&pvsid=4379613268922677&tmod=1571125535&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=272

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aebd49f91e8e9671577086d10e958616b663034fa0b277fa7b4bd55f9babac14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34339
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 22:41:37 GMT
expires: Thu, 15 Feb 2024 22:41:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK tweet_button.2f70fb173b9000da126c79afe2098f02.en.html Show response
platform.twitter.com/widgets/ Frame DF0B 33 KB
13 KB 28ms
27ms Document
text/html 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mic/9B14) /
Resource Hash: 320f88c7a9672864d92d9369cde081ba7c6e9a27cd0592755b011be432373882

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5721600
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 12332
Content-Type: text/html; charset=utf-8
Date: Thu, 15 Feb 2024 22:41:37 GMT
Etag: "e29e65db7bf0a096587728e1faacfd9c+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:48 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mic/9B14)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
100 B 47ms
46ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22Krank_de%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1708036897177%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=4669b172ed50b98c32dc2390e04648fba95cbe79

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/nierexin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-response-time: 6
date: Thu, 15 Feb 2024 22:41:36 GMT
strict-transport-security: max-age=631138519
last-modified: Thu, 15 Feb 2024 22:41:37 GMT
server: tsa_b
vary: Origin
content-type: image/gif
x-transaction-id: ab63c9e8930df9a9
cache-control: must-revalidate, max-age=600
perf: 7469935968
x-connection-hash: 19fcccb1e4558bc81ed95047cd0a1ab869118cd5f9e0faf975287299043e3b40
content-length: 43

GET
DATA 200
OK truncated
/ Frame DF0B 471 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 844208d3f740c48ca14df4373b0d232cb9e81f3934b53114833ca717b03a90f5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 like.php Show response
www.facebook.com/v17.0/plugins/ Frame EBEC 47 KB
17 KB 250ms
140ms Document
text/html 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v17.0/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb671d447ea32fc1b%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff8f98aba43ce0847b%26relation%3Dparent.parent&container_width=82&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e61d46fcac7243be47cf35120a653e5c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a666d63d10ea6ad17137008823c317df39dcfd146fc439c55eb3f75a26efc498

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 22:41:37 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v17.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
permissions-policy-report-only: clipboard-read=(), clipboard-write=();report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: t7GJ0nBwMH3ikM89pF2pheaUUsSGXSVxhfKNuoq0Jgy3MfG8j+2sKan/uKNkzEc3uwEYS12Lj+rod5GWybCqjQ==
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 189ms
86ms XHR
application/json 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240213&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f55669014850f629a831ea014cf4994bc2c2d4f183178367880529a82bac9bba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12380
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/ 165 KB
56 KB 90ms
90ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/reactive_library_fy2021.js?bust=31081134

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a0c2d19994862c37c9357aee09cea368c983479a6c64600bbaa008581954fe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57031
x-xss-protection: 0
server: cafe
etag: 18095615535328875221
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Feb 2024 22:41:37 GMT

GET
H2 200 ca-pub-7176323234405639 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 192ms
86ms Script
application/javascript 2607:f8b0:4004:c06::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7176323234405639?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e4c9b42faf3f0a512726e089d183e41273f3ffe8cbed79a8d804a5ebaa249387

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gvSO2Be9qK2WAHoHyaL0AA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-gvSO2Be9qK2WAHoHyaL0AA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjmsOoxSXF4KQhxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99eckk8PUlkwQQawHxO8lXTN-AeIePBwvfuumshuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWECD-nDmD9TcQ-9TPYI0DYiEejoXLdq1jE9iwdeVWZgAJCElA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 206ms
53ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 22:41:38 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 308C 838 B
729 B 298ms
297ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7176323234405639&output=html&h=280&adk=1738339010&adf=2497329281&pi=t.aa~a.3479421391~i.8~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1708036898&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708036897906&bpp=2&bdt=2040&idt=-M&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3988413416326&frm=20&pv=1&ga_vid=1833592369.1708036897&ga_sid=1708036897&ga_hid=264240961&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1958&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081107%2C31081141%2C31081186%2C44795922%2C44809004%2C95322748%2C95324580%2C95325068%2C31081134%2C95322195%2C95324155%2C95324161&oid=2&pvsid=4379613268922677&tmod=1571125535&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=165

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58a36c9d2d7facbb5fc14fecad869c20f75c214cfb161d91f35bffdb4a88f642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 410
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 22:41:38 GMT
expires: Thu, 15 Feb 2024 22:41:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8D62 838 B
706 B 285ms
284ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7176323234405639&output=html&h=280&adk=1738339010&adf=2569360964&pi=t.aa~a.3479421391~i.13~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1708036898&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708036897906&bpp=1&bdt=2040&idt=-M&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=3&correlator=3988413416326&frm=20&pv=1&ga_vid=1833592369.1708036897&ga_sid=1708036897&ga_hid=264240961&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2608&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081107%2C31081141%2C31081186%2C44795922%2C44809004%2C95322748%2C95324580%2C95325068%2C31081134%2C95322195%2C95324155%2C95324161&oid=2&pvsid=4379613268922677&tmod=1571125535&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=238

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78dd178ff66f034243ba67028188168437b4bbc86653a8517025d8daa2d70dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 408
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 22:41:38 GMT
expires: Thu, 15 Feb 2024 22:41:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8B74 838 B
702 B 268ms
267ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7176323234405639&output=html&h=280&adk=1738339010&adf=3345664795&pi=t.aa~a.3479421391~i.15~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1708036898&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708036897906&bpp=1&bdt=2040&idt=-M&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=3988413416326&frm=20&pv=1&ga_vid=1833592369.1708036897&ga_sid=1708036897&ga_hid=264240961&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3240&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081107%2C31081141%2C31081186%2C44795922%2C44809004%2C95322748%2C95324580%2C95325068%2C31081134%2C95322195%2C95324155%2C95324161&oid=2&pvsid=4379613268922677&tmod=1571125535&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=243

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23e34a4d2e66a171b4174039588c3798f5c2e9b1233824e3771edcde145ea031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 405
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 22:41:38 GMT
expires: Thu, 15 Feb 2024 22:41:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F7D6 838 B
701 B 250ms
248ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-7176323234405639&output=html&h=280&adk=1738339010&adf=2600070758&pi=t.aa~a.3479421391~i.33~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1708036898&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708036897906&bpp=1&bdt=2040&idt=-M&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280%2C1140x280&nras=5&correlator=3988413416326&frm=20&pv=1&ga_vid=1833592369.1708036897&ga_sid=1708036897&ga_hid=264240961&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=4799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31081107%2C31081141%2C31081186%2C44795922%2C44809004%2C95322748%2C95324580%2C95325068%2C31081134%2C95322195%2C95324155%2C95324161&oid=2&pvsid=4379613268922677&tmod=1571125535&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=248

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c50bb71f20a61203de11a648c2bc3cbd123fe7b801f8d3efd217fbb33f093ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 22:41:38 GMT
expires: Thu, 15 Feb 2024 22:41:38 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/ Frame 12A7 9 KB
4 KB 53ms
52ms Document
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4d94af534c700b4cc663a664528a8578fb4f73f09df71d98f331f70ae8f101b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 60644
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4202
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 05:50:54 GMT
etag: 16527497774665505917
expires: Thu, 29 Feb 2024 05:50:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxWbaf7XkrC-eIoq74islRrZvn_zPTtlK-oVkj8xh7N_qghZ4N280BZITZvUtzY0s2NXCK1NUCxvjMoQmBSa8P2hTvR4XbNc9DqtBsjpn0W0rIhWp_iLg-izounohddxCCLct3gpog== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 80ms
80ms Script
application/javascript 2607:f8b0:4004:c06::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWbaf7XkrC-eIoq74islRrZvn_zPTtlK-oVkj8xh7N_qghZ4N280BZITZvUtzY0s2NXCK1NUCxvjMoQmBSa8P2hTvR4XbNc9DqtBsjpn0W0rIhWp_iLg-izounohddxCCLct3gpog==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MDM2ODk4LDIwODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9rcmFuay5kZS9wcm9kdWt0Y2hlY2svbmllcmV4aW4vIixudWxsLFtbOCwib0hRQjlPZTdDVTQiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/am=YA/d=1/rs=AJlcJMzJefUih125WUuQlfC0f08eNrXXFA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

806275f26f49e72e115496ca209ecd55906979acfb873d56c08e70bb682764cd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oJSQUNiv5YxEXSry-RmSSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-oJSQUNiv5YxEXSry-RmSSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KohxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIW6ORct2rWMT-NF8rgoAllZEMA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame EBEC 299 B
1 KB 55ms
54ms Image
image/png 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v17.0/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb671d447ea32fc1b%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff8f98aba43ce0847b%26relation%3Dparent.parent&container_width=82&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date: Thu, 15 Feb 2024 22:41:38 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug: tsTVlxtxMP7mpczSbxY8fVeB8tL+KaBE+QSHUkp128tW+6vvgxkarHHypjgVSEPfa1x8sjdX7MdtSORF0sjs9Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin: *
expires: Fri, 07 Feb 2025 14:14:51 GMT

GET Q56gP7IVe8z.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yE/l/en_US/ Frame EBEC 0
0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D7BC 13 KB
5 KB 54ms
52ms Document
text/html 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 35335
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 12:52:43 GMT
expires: Fri, 14 Feb 2025 12:52:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7D2D 829 B
559 B 72ms
71ms Document
text/html 2607:f8b0:4004:c08::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

af4c84fcb96d6c5196962f37e21219803c78f91731087f13a748fab505f4b4dc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-p4h9y1ov0le97ESG78cz4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-p4h9y1ov0le97ESG78cz4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 22:41:38 GMT
expires: Thu, 15 Feb 2024 22:41:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 like.php Show response
www.facebook.com/v17.0/plugins/ Frame 898B 47 KB
15 KB 144ms
144ms Document
text/html 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v17.0/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15f73809b848b4a6%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff8f98aba43ce0847b%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e61d46fcac7243be47cf35120a653e5c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

470582e3235b6e021cabed1a37d07d36d75434e909a973f47dfbcc6195e12bc8

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 22:41:38 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v17.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
permissions-policy-report-only: clipboard-read=(), clipboard-write=();report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: AinqUIPtMU5e/SACXTZneWoPbLkvIuPaLByx6aEr/SV2ktufDeCiew7QfS51eOBbDEPcZMAZf+o2YwU+M2n5gg==
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/ Frame 12A7 23 KB
9 KB 54ms
53ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 04:47:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 04:47:08 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 12A7 9 KB
1 KB 171ms
61ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Feb 2024 22:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 22:23:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Feb 2024 22:41:38 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/ Frame 12A7 15 KB
3 KB 160ms
52ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 06:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59697
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 11:56:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 06:06:41 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/ Frame 12A7 379 KB
132 KB 162ms
54ms Script
text/javascript 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58c7b6bffabba04d72d8077b9efcfb4f7a6478b9e66c5b07a3a32e3cda3b1877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 05:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60990
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134674
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 11:56:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 05:45:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame 12A7 20 KB
8 KB 59ms
58ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 05:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 05:02:34 GMT

GET
H3 200 AGSKWxW-WfaDLibCrAMDawOGCM9G94b5gsnGLIAdQ5wB8_-dge60_acIpAXc6J-BADPGB51IiLN62DCNEIdm2nZHXLUB7h3oTKaOxKPFOrWWCojWzhlZYRYn2ahO2t_SVkwvaD7QBJ06mw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 88ms
87ms Script
application/javascript 2607:f8b0:4004:c06::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW-WfaDLibCrAMDawOGCM9G94b5gsnGLIAdQ5wB8_-dge60_acIpAXc6J-BADPGB51IiLN62DCNEIdm2nZHXLUB7h3oTKaOxKPFOrWWCojWzhlZYRYn2ahO2t_SVkwvaD7QBJ06mw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MDM2ODk4LDQxMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8va3JhbmsuZGUvcHJvZHVrdGNoZWNrL25pZXJleGluLyIsbnVsbCxbWzgsIm9IUUI5T2U3Q1U0Il0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3be9af8a0c1068b25ad658c1f76f9250c6f06e258eef5ef812988f3713d4a270

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-u5ffEPMDSu-ZWrVxhCfeHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:38 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-u5ffEPMDSu-ZWrVxhCfeHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsOoxSXFEKwhxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99eckk8PUlkwQQawHxO8lXTN-AeIePBwvfuumshuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWECD-nDmD9TcQ-9TPYI0DYiEejkXLdq1jE5hx7vkdRgAVC0m2"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7D2D 0
0 109ms
109ms Image
text/html 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240213&jk=4379613268922677&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame D7BC 39 KB
15 KB 53ms
52ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 20:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 20:04:11 GMT

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 898B 299 B
447 B 54ms
54ms Image
image/png 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v17.0/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15f73809b848b4a6%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff8f98aba43ce0847b%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date: Thu, 15 Feb 2024 22:41:38 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug: tsTVlxtxMP7mpczSbxY8fVeB8tL+KaBE+QSHUkp128tW+6vvgxkarHHypjgVSEPfa1x8sjdX7MdtSORF0sjs9Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin: *
expires: Fri, 07 Feb 2025 14:14:51 GMT

GET
H3 200 Q56gP7IVe8z.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yE/l/en_US/ Frame 898B 529 KB
137 KB 55ms
55ms XHR
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yE/l/en_US/Q56gP7IVe8z.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v17.0/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df15f73809b848b4a6%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff8f98aba43ce0847b%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fnierexin%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d62261bfdda45a21496d6c16731123a2105033b3537dc5415c0923d8e6584c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
date: Thu, 15 Feb 2024 22:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: BdrMebHhKtkkzVQkhc52fw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 139896
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug: XBBV+joEWq65q0pCBbaqgoMoJoYTEAO+Jl0oPH1BHq4psCO4qYo1GzyqkmonAd3t+yBDyx4JMSplTRnFavtixg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), clipboard-read=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=1,i
expires: Fri, 14 Feb 2025 00:02:11 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D7BC 0
10 B 52ms
52ms Image
text/plain 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?619vNg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 12A7 0
234 B 767ms
244ms Ping
image/gif 2404:6800:4005:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lsnt2hta&c=4263963147547&slotId=2131981573773.5&qqid=CNyMnqS1roQDFW4RdgYdsAYHuA&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:80d::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 22:41:39 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 12A7 15 KB
16 KB 190ms
52ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 03:01:05 GMT
x-content-type-options: nosniff
age: 70833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 03:01:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 12A7 15 KB
15 KB 199ms
65ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 02:53:49 GMT
x-content-type-options: nosniff
age: 71269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 02:53:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 12A7 0
20 B 135ms
134ms Image
image/gif 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CRKnWIZPOZZz4FO6i2OMPsI2cwAvG7ozbc4r43begEvAuEAEg4v30BWDJhoCA3KPEEMgBBagDAcgDmwSqBJsCT9AfJjHXW9tWzFKXmKV_8MMWwlm0U-O-Ciy_qeaRNr7ZikmVCkglSzxEMAABHTl80BJrxXS5PUDz6qGqtTsYdo2QzG1RSfJHt8NANLtYIN1PUJOVhrGcA49QzwRKrPJ29wYVUHuETn7wpoLM4Xo_cc1wkQPSJfOXFe7wyyXMSCvKtYilpfKC9MDUFYrrm4Vxstf1eOO43dU90A5ufD5nVW1Umof4A-z1EEIc9C1kX3ffmjm05U4khoYmK1ZqljK3wZ8J9-TCmO4QFGBla55_ayC46I5PrBi4g0eT0QTaORlv8CMYeQ0UyaFCN5SrIC-9YXs1YJhUhJPjvs8dsPWlOm2s01qMznST_bJLNbY1bikzr3wBQbC-q7JaYcAEsuDYsKUE4AQDiAWEjIyRTJAGAaAGToAHvr74N6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgKAISL39wTpYysCbpLWuhAOACgGYCwHICwGADAGqDQJVU7AT2YnHFMgTkoay4wPYEwqIFAjYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1708036898747&ai=CRKnWIZPOZZz4FO6i2OMPsI2cwAvG7ozbc4r43begEvAuEAEg4v30BWDJhoCA3KPEEMgBBagDAcgDmwSqBJsCT9AfJjHXW9tWzFKXmKV_8MMWwlm0U-O-Ciy_qeaRNr7ZikmVCkglSzxEMAABHTl80BJrxXS5PUDz6qGqtTsYdo2QzG1RSfJHt8NANLtYIN1PUJOVhrGcA49QzwRKrPJ29wYVUHuETn7wpoLM4Xo_cc1wkQPSJfOXFe7wyyXMSCvKtYilpfKC9MDUFYrrm4Vxstf1eOO43dU90A5ufD5nVW1Umof4A-z1EEIc9C1kX3ffmjm05U4khoYmK1ZqljK3wZ8J9-TCmO4QFGBla55_ayC46I5PrBi4g0eT0QTaORlv8CMYeQ0UyaFCN5SrIC-9YXs1YJhUhJPjvs8dsPWlOm2s01qMznST_bJLNbY1bikzr3wBQbC-q7JaYcAEsuDYsKUE4AQDiAWEjIyRTJAGAaAGToAHvr74N6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgKAISL39wTpYysCbpLWuhAOACgGYCwHICwGADAGqDQJVU7AT2YnHFMgTkoay4wPYEwqIFAjYFAHQFQH4FgGAFwHoFwU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 22:41:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 12A7 0
54 B 749ms
247ms Ping
image/gif 2404:6800:4005:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lsnt2hto&c=4263963147547&slotId=2131981573773.5&qqid=CNyMnqS1roQDFW4RdgYdsAYHuA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.18r&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:80d::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 22:41:39 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 12A7 31 KB
18 KB 207ms
85ms XHR
text/xml 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AuJ8iXbsbubcOJWRAbHCLm9PbwGyxDTF2rUBVyMrJsCHUV7ywL1FLSOvnRQvl_ARd5igYQFCWDifKwQqgdGiARpjPNzw&cry=1&dbm_d=AKAmf-DNgRvczeKuPkqnZ1IjNcK55w0v9Qq4_PzUDDAUEMBuoexfg8BBYQJG81wcJ4wmkiWTpeydLV1xQ3kXAC0x3B9yeiBb-WBFjlzA-GNozSiDT-VRJr53cJP0_14dmNAVThgxOJmFb6Ev7HYf6tkHuVING-vHBtNK8SfzUoZSmteSwvyHIpaCYS9H6kIJLjexmkuTQUs5pG08fiETklHRQV4JMhX4JGR3aA1srD11SaYaug5hE-tVitSXxXThA9CjwKiyOR9Jn70sXrT33azjcol_ql2R2eaBVCuODnf1P-CkVZWk3Ra69a2yaOwuhpPJsNs6OLksD0cBLROVHNY5MFCFgbHGChPuBT3HUlq49HIhKXVzcyOsavKKfve7RY6dxKo7-q2PWuiEuc1c80wCq3mqJb94_11cnYM4yDdjLp6Pzo7JhpkNhAxH41f3ZvN_4_1bVTV8e_lXAXbH6Wn3Iw1Jqhuf58QUpiX4OGqWQ5XDeUHQeZZ95Z3nTFGmmayaJ7faRSkA3RIFssH5nbXoCd2dr162A-iNJp6zc_pUuiBkofPUPLDVLBjyJCjNYkXxEotvZ5oS7J15a8yb-rSu--CHUWZnPiQXOfbfvnVZ6DcXvab4EuS1vAJEE9tlfo6TeijxeZWVNwDq37rWfuKzcfXAyinYXOHo2yciivjHOVOaQwF-fperzThHgScW-vh6_pan02l5FymaPK83W2MTo42KaC2zCq6b5HA9QfpCoeFu0Mq0K55UrtVfPUpsrsmso1gpk7JsKYTjEgl6FybnLetAP7UFDEx74riGnxMRQO51Eh3efrGGw-Y1ZfWVVGevAdaVDDuOZr2Ybu_Oh54CbmKRuss5WddFXee3G3Y8cLGwfyBBfz09T0peXEoR52c7I3LNe5FhPxZH-4NKB3JLaWS4yv_xIHFm-kQ6zoXjlYsT2YAKmno-3O7Hhcuv-GZ5X1akjlirAx4FdhlLvUN209lDS7S4ewABtaZXokzsvldh7lOfIIHdV4ygAQ5drOPZ1tQL-zklDfAHP-US42sZOOPIvyYqG-1e5TE6k90YppaA4XnKC91xg2JJaVYt0Ul2ne8vbt2Iqmdbop7Y1P44_wxLVLWxMovs6M4Dl4tuLVnoabU1Elw6TYiN59_BnhKiN2QkrTkJLHg92L6xEhA9Rmb8Jh4AtDpOJMNFK44dqeSYIm0mXupzebw_5aceF33kFUmJrCD7r8xzg2Rt01LTjW6Bj2HJzmyCzT8jImq0v9SNwGlqsL_ekR2gLJSRtgFs-qyOpgn-ZNUsHy2PgnAp8KzkA_IAJ9RVLgY7_WFOnUFl_0QxjOEzFLvopZd-tAADvO9b8rbj8qOC_kMUjQoMh5QwFgD8FBTaMG1Gc7LsgkJe1Sobncsj2kbxpDzxykmjh8cCxMcbjByuF2vdaWROMVIWWsFrPmIe5ki0rVmslEd1uOe8L6-V_2aeqAx17m4JnEYP4wEdg825gAtCyC2DjU2N7ZdPSKFUXXzJaDF67Kobm7LhOILPMsni93-4Uu2L5CrH7ZaOpICZUUIHyuSftP1iwGRhTsfTlFGNFxFub0sY7tPbIEvJ01nxbOKPIvmXqhxWPdvRCygpagA-4FaGu4xSTntDTK7zz7821Vl0eltI4Z8UuKCCUr1PYf8rFfa_mPa1oDyHMKvd4XbDyk6tPthXxqpNatvcaTqb2EIy3NA9Gmlma29hM4LSFTveXSU2dA-V1ZjRbstXvemVNds1_CD4xq_MgzQu4-FEXo_PC1lFLfJMrysmkKbUhY4SdeoOkAFYafSNzFjFc0Ar7UTBlLLFSEpc5fzoegG7Y7PcHsIB77Kj1rUqAj9xIngYSiTWPRB2viCFVHI5X_lFc1YjV6KFB0ukfLV0U932p87-XsnBHZ8lbYyZkhTxM2HgbD71KZjn9HSLYlIckQeAauK3DzKEmUC24g5tkWigGWJ7We0fsZzGaDOOvZV1cut3Gwr9B_IhT7q15wSbvJsyiXU_oJKTwBUO9LdqsyuDYRLajkNfm4P9ro3mgArv339Xo3mU3ElliCoV1qtTiV-xH-ljekTDYB8SsYrOxYQn4-LWVUjQtNZ96QIxmnevGFfo0Q0Ov9xMzTyRjCLG3npm6Ek8XYpuInFrKK_0ONDP-KiHo72Syd9XsitSyHaU5hi8HLgksvIEN4getmoKuy37YHbEqmYAKYIgVIKVZR8ldW10tVMJjeDEPYni89HeU1SzyrbA5Q3Xswyw7Y-He9SweC8J5HXWAHZzw2EPoXPJPUGdXMMRjWbTIYE5eV5VsV_gaMPaYCdBGsgf0APymQG1YG7LjY97xNMMamZcGbyENA7vANtIc9f2uf_wEqxxhR6FEfnlr0HWNSjxUMd2ffm9pEPKfRBzi1fJnZgWuxmZHsazkdiiWZHnNxd4zuc2tAWVmg2x8RqEQ2G2POeFjyP9f6ityWryU5SIOIws5_jwSYbKmGXBaFt7nVraionCf5d1sJxdoxO3kJWkYCWQxJUS50f153Bzh8RMYjGSaTcuHxMR6CVK0UWhteiB5eTsa8nibKDnGnbqboSNZQh-OXmfK7q4ugn-JibOWPADFAzSiQHHOb-KYXKZzd0kMIisaIXoZWK6Y_BIARPZQ1dwFu_6Y28WmTAUsyRmjBGVXQ05N70FWuA-URhybx2erQ96H18ruXuijcjZCVn1IKBCw_T8hX_ACjdXHefCoqYv0jSQZg8V-rjYdVaTRKlBNA60sQYRb2JIFA3c1motHej2vnF8looT3fWbMQRYPRjcZboAqoJ-i-2SRM1smq90YgTM8ZHsH1fTWYuY4i_G3yEnQxc_4LM_lEOg6bVrboORHwRLKSsOnQaLP2S0prX-24wT4_nVOXm6aswsNKzoVH8HgteKBL0wl4LNin2UR56SzRwyz_pkAcVNBJP32mfJY77OarxFWPQC_JvQx2JNrGAb_14RRsOeR7hOnpyXiucvW-JYNnN3t0otIYLIvwIgyeUzJ4ZUeHhZE6SXZWAGt2lHW1C80zo8vHNTvY1GzC62HJokSIoHh7r5SIORyWj8M4lJ28TzZlXFjxElm3A_vP001Bb3K-QUFf3kAqzoyTESiGflYb4tRa-SfroVxBTns1gShJ0hssKxw1uwB9m7uaNkkLpaIv8zdMtu-Y0OKG4Z92BAozMT-syTnnDp-umyW4SSeNjNnDszhjU4fjV4Qj3QH1npExelC6bPhWxrvkB34L-B_pZTmwLxDf76IJmWADXSEaa1xqxHeyVoC86rEifaJDW2QNVYMW2MtWsnM9LohwYRsS7OyOqcN2c8TveTpfew1z7fnHlFCEROwxlLkyBKiec2x--AQSCNGrS7dJ6zHDAUQxiYKCB_cBr2C1IiaakpLMUO7pcIRLyWC3zTKfM6GkjDVKlOPK8EZ2vxmG4v-g9aVpEjfm5CNpBficONdeyqLspEk-cJUT6A9QsyN6cvXnXtnagQuIZStQunU7_7A0cWGqKTqB2MTfP4TfdZhG0a-hnEKJ0IbDbQMWi01_auEDvhYLUAVVu2QuzZN8byJFes6OAG9xUPyOa4y0BeCeBqRbsGcvG3Sgj9htu3oy9pgu6apOXgv31HTt1E81oJnjBB5u5jyQPEgqxzjHZ5MAfvLpDvqF2-WTjTZ7l-5cApBVqGo6ARkwedryU0RXsjXnjMjohGz383CeCfwVVzDL28oqkAEXQaZR5pg_LozdUbGmKIIS-r-JU0JcP98w_3zYUDBMFPfuIc6HUBJczeMy37lwirlnhkWEhM4CvZZDluDZmTqydeKxkG_Vfbv0l_R5pDgWGnrqIQ2zrdAiI&cid=CAQSTgAvHhf_2WlM-7wyjOarPYP6E1gIO13ZqeEIJOqMfPH7mdz6jUOoY2uBgNqI4PDPOjBeWwkHVFMfw-4tWtoFedYpt8kwJ1hrgDHTd_WfSBgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

dcd7fd1982e2105e8c76d8fcd947d802f0a40b0dfa13150c8fb4bd6c4eb3d7e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17686
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 12A7 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47eafc65bbeb7515dcfe85efe45059847fbc09223f7761beab225a28baf52703

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 12A7 0
54 B 523ms
246ms Ping
image/gif 2404:6800:4005:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lsnt2hu8&c=4263963147547&slotId=2131981573773.5&qqid=CNyMnqS1roQDFW4RdgYdsAYHuA&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:80d::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 22:41:39 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 12A7 41 KB
15 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 13:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34218
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 13:11:21 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-q4fl6n66.c.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 12A7
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r4---sn-q4fl6n66.c.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

200ms
60ms

Fetch
video/mp4

2607:f8b0:4000:7::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-q4fl6n66.c.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4C06D1C855CB7537A7466E7EDA4AE47DC1C93138.104EF5DE74E6BAF799582E516B3364A9E4500545/key/cms1/cms_redirect/yes/mh/p_/mip/2001:550:1d05:1::10/mm/42/mn/sn-q4fl6n66/ms/onc/mt/1708036617/mv/m/mvi/4/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2607:f8b0:4000:7::9 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Thu, 15 Feb 2024 22:41:39 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 7654419
Last-Modified: Tue, 17 Oct 2023 17:05:23 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Thu, 15 Feb 2024 22:41:39 GMT

Redirect headers

date: Thu, 15 Feb 2024 22:41:39 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-q4fl6n66.c.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4C06D1C855CB7537A7466E7EDA4AE47DC1C93138.104EF5DE74E6BAF799582E516B3364A9E4500545/key/cms1/cms_redirect/yes/mh/p_/mip/2001:550:1d05:1::10/mm/42/mn/sn-q4fl6n66/ms/onc/mt/1708036617/mv/m/mvi/4/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 12A7 453 B
589 B 53ms
52ms Image
image/png 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-7176323234405639

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:40:26 GMT
x-content-type-options: nosniff
age: 73
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 23:30:26 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 12A7 0
54 B 510ms
246ms Ping
image/gif 2404:6800:4005:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lsnt2i0h&c=4263963147547&slotId=2131981573773.5&qqid=CNyMnqS1roQDFW4RdgYdsAYHuA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1841&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1f8~atrd.1fe~videopreviewvisible.1fh&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:80d::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 22:41:39 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 13E7 23 KB
8 KB 54ms
53ms Document
text/html 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 63537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 05:02:42 GMT
expires: Fri, 14 Feb 2025 05:02:42 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sponsored_text. Show response
fundingchoicesmessages.google.com/f/AGSKWxX56ztH09yUeKJkKHKzkKDTJqmpLp63QxaQkbxV1tJx0-dfhIOYawrD_178V2lOoHL4YsyAbwpg1RoJpmCsXSUkZAR2m3kkVAsXXVNXbmWnrWRNJjuqchNAUoDz-mciZEm64R-SvZr0QbTLUbhQ_DgeHJ7RF... 54 B
110 B 75ms
75ms Script
application/javascript 2607:f8b0:4004:c06::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX56ztH09yUeKJkKHKzkKDTJqmpLp63QxaQkbxV1tJx0-dfhIOYawrD_178V2lOoHL4YsyAbwpg1RoJpmCsXSUkZAR2m3kkVAsXXVNXbmWnrWRNJjuqchNAUoDz-mciZEm64R-SvZr0QbTLUbhQ_DgeHJ7RF54ZyNcncXl1GH-gkNV0LdOYv7pM21PB/__rectangle_ads./ads/banner._ad_square./sponsored_text.?ad_tag=

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.oHQB9Oe7CU4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxIwDX0Zeg4sRcTCe5PTSRTRZQU0g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

da159f4f0f5692cf42518d9d01efbc33de5df8686f23ec1c5cac5ea33d6b2b1a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NK3nrmhUV7V0iLhkt44zGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-NK3nrmhUV7V0iLhkt44zGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsOoxSXF4K0hxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99eckk8PUlkwQQawHxO8lXTN-AeIePBwvfuumshuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWECD-nDmD9TcQ-9TPYI0DYiFujsXLdq1jE1hxo8sPAMUySNw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 30 KB
11 KB 53ms
53ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d351abe30325db105fed7efd6f8a9ee698fd888d13948bb9c8f7b183c59ace78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:01:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2389
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11396
x-xss-protection: 0
server: cafe
etag: 9023021008083772581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 15 Feb 2024 23:01:50 GMT

POST
H3 204 AGSKWxXcWtAnEAih06UiUe3IW-YAMK7d4COVA0_yfDsgA83NEz1SyUbwi13RkbDnrNCiWKC29MhaIHfUvdMqspMJtCKGZnU1a0zqNDohK4PVkx-4jmECZUXMgAUXDSKRcn_rXKn1339svg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 175ms
69ms XHR
text/html 2607:f8b0:4004:c06::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXcWtAnEAih06UiUe3IW-YAMK7d4COVA0_yfDsgA83NEz1SyUbwi13RkbDnrNCiWKC29MhaIHfUvdMqspMJtCKGZnU1a0zqNDohK4PVkx-4jmECZUXMgAUXDSKRcn_rXKn1339svg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zLhfA2fDRqHwqKuhr_M2yg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Feb 2024 22:41:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-zLhfA2fDRqHwqKuhr_M2yg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw1ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XAsXrZrHZvAj5ezGhgBAM8YjQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://krank.de
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 12A7 0
0 119ms
119ms Fetch
text/html 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJowEIZPOZZz4FO6i2OMPsI2cwAvG7ozbc4r43begEvAuEAEg4v30BWDJhoCA3KPEEMgBBagDAaoEmAJP0B8mMddb21bMUpeYpX_wwxbCWbRT474KLL-p5pE2vtmKSZUKSCVLPEQwAAEdOXzQEmvFdLk9QPPqoaq1Oxh2jZDMbVFJ8ke3w0A0u1gg3U9Qk5WGsZwDj1DPBEqs8nb3BhVQe4ROfvCmgszhej9xzXCRA9Il85cV7vDLJcxIK8q1iKWl8oL0wNQViuubhXGy1_V447jd1T3QDm58PmdVbVSah_gD7PUQQhz0LWRfd9-aObTlTiSGhiYrVmqWMrfBnwn35MKY7hAUYGVrnn9rILjojk-sGOCC9fnZLjoLi8tD91br2QRxRii4c5jYpZua2TZHktCNuvtGZuLaemCoQILL-1VcUmhVNWUZrpPo5X09XfZNnYCPwASy4NiwpQTgBAOIBYSMjJFMkgULCCIQAxgDSIWshwKSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB76--DeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAPIHChCOsxIY4Y-s8wHSCCQIgGEQARgfMgKKAjoJgECAwICAgKAISL39wTpYysCbpLWuhAOACgHICwGwE9mJxxTIE5KGsuMD2BMKiBQI2BQB0BUBgBcBshccChoIABIUcHViLTcxNzYzMjMyMzQ0MDU2MzkYAOgXBQ&sigh=-0ZusWwq9yw&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_2WlM-7wyjOarPYP6E1gIO13ZqeEIJOqMfPH7mdz6jUOoY2uBgNqI4PDPOjBeWwkHVFMfw-4tWtoFedYpt8kwJ1hrgDHTd_WfSBgB&vt=10&cbvp=2&vis=1&nis=5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Attribution-Reporting-Eligible: event-source
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 15 Feb 2024 22:41:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 13E7 39 KB
15 KB 59ms
59ms Script
text/javascript 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 20:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 20:04:11 GMT

POST
H3 204 AGSKWxXcWtAnEAih06UiUe3IW-YAMK7d4COVA0_yfDsgA83NEz1SyUbwi13RkbDnrNCiWKC29MhaIHfUvdMqspMJtCKGZnU1a0zqNDohK4PVkx-4jmECZUXMgAUXDSKRcn_rXKn1339svg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 121ms
74ms XHR
text/html 2607:f8b0:4004:c06::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXcWtAnEAih06UiUe3IW-YAMK7d4COVA0_yfDsgA83NEz1SyUbwi13RkbDnrNCiWKC29MhaIHfUvdMqspMJtCKGZnU1a0zqNDohK4PVkx-4jmECZUXMgAUXDSKRcn_rXKn1339svg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zVMTEq8Ha4gY-iDQxsgKuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Feb 2024 22:41:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zVMTEq8Ha4gY-iDQxsgKuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBALcXMsXrZrHZvAhU_X6gHpDRir"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://krank.de
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 111ms
111ms Image
text/html 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240213&jk=4379613268922677&bg=!tLelt_jNAAZN4L4YbeA7ADQBe5WfOFB9PpmQWsT-hrhcw2wMSqrsF6rN9GCrFLFzZAprUlXFEFIk9-quZhMBjnlhT4ApAgAAAGpSAAAABGgBBwoAeujjmPi7iDEZ9zAOJw2lpFfK44CIoPKIViHGNQamJB-zn8YVWEPkXxeQaDbGwpBBZsIEf3b5tyqXVPqNx9EABSCM5r7fVhelZS_XoLQIySCjklgDrUL1reJDZwMzMAopinOIzJGmgk4nxGqy1Womkzw7t7BVi2_1mDi6mQLCHc4vzls91bDKZQa3Ow2WapxXfiAb8y-lN0TupuYmHsEQQKQQzwVOIFgHSntSbTQrOj4XBYQ4U6vrkzDDof8_-9sfB0TrlyL9UV6uACznuLI5vQ88J5XiZXo_6sqrYDsiJOHuOVMEbS7UUG8baeFMtY-vHEFq-uwEEv7J2xRb-jd-yiNTjw1ttauMDqqIBxNLj7fwJIgSiFH_2e4cOckx1oGuQcl-z6X3nRv_WPiJc2GyPx4yxpmqln45t50_aB2DyfU-qfnvbWlnsr2jFsOZixUPxq0rtpeAdOTI99OTSQIxq7sX5fZlfpHGXFg1i3Z9M_5_hOISEBIENDsLyCiIB_jFx0IGV4eveqXtbevm1_8fkojiq1GzyTnewT8s4_2W4GdxKqIWqJPMfNvZ4PwNvUTThjc30ruW1wFrz5SGfhVR6He_hExQsHbqYFjHKyJB7GypGQhofhwYVBzMPbqc4b2pnw0DuLnUHOqnqPB7WTvcSOzO1ppvhb77VdEqylZ9a6j1o3-6Y_XGNTfMcoRIdOYWL_D_OxrlslEy2IFXJAv0zECCMsV09eU5S7FVx6adcLDpTot3tmQeJHUx9HSOHvZnjW6U0zRfOhpG9Z5ZPODBnPQKV8taG_VD0mj5xgDyrGLtWKmjxFAjE1918LhTCYS3EqnkJcNNG7n6K7JGbvabJz1Cy2FdEVj2a2k9Xq7T749vR-AVB0xsLImvvkSEeFE2YKaOVckGV26JY3KmwJqCl1QJNMiqWh4-1qoNrVWB8YrmUR3pLWQ6cpTfm6pxLB3_M3osSRfTZmjFQW4eSTETRVsjTykRJf8GNclh8GtIMfjHTHKuoXBESXcu8-Rc7p8DMoibb-Rc0GdJUBgBJIJ2K78zgezHT7aeUsAZu0Tzg2Dvb5elgg5qFZosXY8OgNBg9JOi6pQ2D_AVVRitOZ-nQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

POST
H3 204 AGSKWxXcWtAnEAih06UiUe3IW-YAMK7d4COVA0_yfDsgA83NEz1SyUbwi13RkbDnrNCiWKC29MhaIHfUvdMqspMJtCKGZnU1a0zqNDohK4PVkx-4jmECZUXMgAUXDSKRcn_rXKn1339svg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 105ms
75ms XHR
text/html 2607:f8b0:4004:c06::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXcWtAnEAih06UiUe3IW-YAMK7d4COVA0_yfDsgA83NEz1SyUbwi13RkbDnrNCiWKC29MhaIHfUvdMqspMJtCKGZnU1a0zqNDohK4PVkx-4jmECZUXMgAUXDSKRcn_rXKn1339svg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RrcNVkMOFyb9NFfvDHZ5ug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Feb 2024 22:41:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RrcNVkMOFyb9NFfvDHZ5ug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XAsXrZrHZvAjKfLGhgB_ngYMw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://krank.de
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXcWtAnEAih06UiUe3IW-YAMK7d4COVA0_yfDsgA83NEz1SyUbwi13RkbDnrNCiWKC29MhaIHfUvdMqspMJtCKGZnU1a0zqNDohK4PVkx-4jmECZUXMgAUXDSKRcn_rXKn1339svg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 102ms
73ms XHR
text/html 2607:f8b0:4004:c06::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXcWtAnEAih06UiUe3IW-YAMK7d4COVA0_yfDsgA83NEz1SyUbwi13RkbDnrNCiWKC29MhaIHfUvdMqspMJtCKGZnU1a0zqNDohK4PVkx-4jmECZUXMgAUXDSKRcn_rXKn1339svg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RJBUp6GD4DAuXVWA5tCSzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Feb 2024 22:41:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-RJBUp6GD4DAuXVWA5tCSzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw05BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XAsXrZrHZvAi_lvGhgBAnsYjg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://krank.de
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVWHc7fk9vNWbNdorfreigIX6_4b18HvAUW5MEf6TLbbVR5-3YaiS9g5ufPnZntn_JTF3kM2axkrfLvTXgVWvbpB3gp_Q8JvDTD2i9j2zDaSDiy87s3IU2dWexBP0PfkXhomFllDg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 92ms
91ms Script
application/javascript 2607:f8b0:4004:c06::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVWHc7fk9vNWbNdorfreigIX6_4b18HvAUW5MEf6TLbbVR5-3YaiS9g5ufPnZntn_JTF3kM2axkrfLvTXgVWvbpB3gp_Q8JvDTD2i9j2zDaSDiy87s3IU2dWexBP0PfkXhomFllDg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA4MDM2ODk5LDIwNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9rcmFuay5kZS9wcm9kdWt0Y2hlY2svbmllcmV4aW4vIixudWxsLFtbOCwib0hRQjlPZTdDVTQiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

10c862b5bdfdde6433f46d926d5715cd2cf9578f2bbb248fa7b38b00d142e0ed

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Zcjb6fd3oqLdDYDEDUc1xQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 22:41:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Zcjb6fd3oqLdDYDEDUc1xQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjmsKoxSXF4KohxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ySTw9SWTBBBrAfE7yVdM34B4h48HC9-66ayG66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYQIP6cOYP1NxD71M9gjQNiIW6Oxct2rWMTmHHmYS0AleREMA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXh8xA1ap1wqawUZEh8m28bOq-KABCpy9ZqGUpdZUIuzx9y_PsgUQC37NorDdrYOWXclOrEC-6ktrIrISZH2DE3fdnoevPQ0--ezV0o3cDtIsaWE3Mvss65dLZCHDQmBdb90VdkYQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 75ms
74ms XHR
text/html 2607:f8b0:4004:c06::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXh8xA1ap1wqawUZEh8m28bOq-KABCpy9ZqGUpdZUIuzx9y_PsgUQC37NorDdrYOWXclOrEC-6ktrIrISZH2DE3fdnoevPQ0--ezV0o3cDtIsaWE3Mvss65dLZCHDQmBdb90VdkYQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5yOXONLXcLf91g24vxQPiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Feb 2024 22:41:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5yOXONLXcLf91g24vxQPiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XAsXrZrHZvAiqvflzMCAP9NGKk"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://krank.de
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXcWtAnEAih06UiUe3IW-YAMK7d4COVA0_yfDsgA83NEz1SyUbwi13RkbDnrNCiWKC29MhaIHfUvdMqspMJtCKGZnU1a0zqNDohK4PVkx-4jmECZUXMgAUXDSKRcn_rXKn1339svg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 74ms
73ms XHR
text/html 2607:f8b0:4004:c06::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXcWtAnEAih06UiUe3IW-YAMK7d4COVA0_yfDsgA83NEz1SyUbwi13RkbDnrNCiWKC29MhaIHfUvdMqspMJtCKGZnU1a0zqNDohK4PVkx-4jmECZUXMgAUXDSKRcn_rXKn1339svg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xZ_uD0lqpIdQy1k5Tbhyjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Feb 2024 22:41:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xZ_uD0lqpIdQy1k5Tbhyjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmLw0ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XAsXrZrHZvAikm7ljMCAABDGDQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://krank.de
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 13E7 0
20 B 110ms
110ms Image
image/gif 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BX4hTIpPOZZH4OJTQnboPiomT8AMAAAAAOAHgBAI&bg=!LC-lL2DNAAZN4L4YbeA7ADQBe5WfOCXub1JtXOS_qaW_EUPESP-79ISmAUgJZFYB1WGxwOHHa87Y_iPNtNP1dI7OsEDLAgAAAH5SAAAAA2gBB5kC4b8IfCWF4rtN-QpeT2vf17wOHnd-0-rDxTOTS2dVlSDmXzmrgG9UTiaJmqz-4D72S84xPihOB75NmPgyMFKO_a1bYp0sK1pH4dFMAAw189zWDQIGa2fkYvMdyeBDbI90sqnaOyISjK6c5lwHElgqhR9cLJvHcifPOZIqipBNBs4oaV_AO3tuOJtH2H3rPqcRm1M4kc8BjLPF3HzEwsdsEFXp2R4pwGCmP-V6n6gIedkitrAX8hy8gGX9M5KyMRZ41heZCtZ5HXX6PSTraVsPcTx9TMDN3YCNb2e_dxJwz2r8Ps6c8BpCd3aD7aBgyPhXBOylY1sbYw7SvFPuHP5WA3njQePQNPUO2FsCXkImZKYX0CnBCmgirQbonyg3m0jae3gyjYpiXJKdsmTLTRIAK4qyYGGf9l6kafDLh6Skw8WjMMJI3KZl5oIpeekirE-PWzu8lRDNDk5SMSSzSkrfpPbzmUaFk36XTH4mSte427pD1OGIqtVOdal8ZIQirpOKpxkA44fRBI8gAp7-aT9JxzYKtsnJnKF1GvVnWxr4iDjEtrzP-BpLmG0FOYLLosMVWbhkY_U0h38QfuoD1XY_-0h5O9vgyZoQtYBrw_5pldZ8yGdHyO-veagjR1d3K5q9GVp9yHAAp6fIMwotZFUVnC7SaXfCw_eCZtWgeoTWDcjLkcgG-2Zjrz__Xk5JqepG25_FFEk8yFz_xoQ7Ee_REIYxx7yikN8WrrpFjEixZR7uyf1eLIGa9ytVMDm_lxZpWMnzX2k3442gGUA10Aitmu85mvhW_OZw-mPnjGbLlEeuPA10fFu0D0NZmxY-j0G01pJsVK7PgoVqVvJVSd__wfYc2Cuo2WjtaZ21ijLjBueqcLKbWxINLtWydRZmkzY099zm48UQrjoACsSAMz5sS76sWL5Th4B8pLiXfRJPfn-dw0oxEA-eMcGvGrGiHX46Lnx2Rf-fEJq-9wyx79dVbR86

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 22:41:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r4---sn-q4fl6n66.c.2mdn.net/videoplayback/id/e38e94095e0e0255/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842010407/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 12A7 4 MB
0 119ms
59ms Media
video/mp4 2607:f8b0:4000:7::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4000:7::9 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range: bytes=0-

Response headers

expires: Thu, 15 Feb 2024 22:41:39 GMT
date: Thu, 15 Feb 2024 22:41:39 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-7654418/7654419
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 7654419
last-modified: Tue, 17 Oct 2023 17:05:23 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H2 200 dc_oe=ChMIkZH_pLWuhAMVFGhHAR2KxAQ-EAAYACCylr1gOhkI_pu9OBCy4NiwpQQYkoay4wMgivjdt6ASQhMI3IyepLWuhAMVbhF2Bh2wBge4;dc_rmcid=CAQSTgAvHhf_2WlM-7wyjOarPYP6E1gIO13ZqeEIJOqMfPH7mdz6jUOoY2uBgNqI4PDPOjBeWwkHV...
ade.googlesyndication.com/ddm/activity/ Frame 12A7 42 B
401 B 217ms
109ms Image
image/gif 172.253.62.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIkZH_pLWuhAMVFGhHAR2KxAQ-EAAYACCylr1gOhkI_pu9OBCy4NiwpQQYkoay4wMgivjdt6ASQhMI3IyepLWuhAMVbhF2Bh2wBge4;dc_rmcid=CAQSTgAvHhf_2WlM-7wyjOarPYP6E1gIO13ZqeEIJOqMfPH7mdz6jUOoY2uBgNqI4PDPOjBeWwkHVFMfw-4tWtoFedYpt8kwJ1hrgDHTd_WfSBgB;eps=CIBhEAEYHzICigI6CYBAgMCAgICgCEi9_cE6WMrAm6S1roQD;met=1;acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D767937960%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D396969901;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1708036899688;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.62.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bc-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 22:41:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 12A7 42 B
64 B 81ms
78ms Image
image/gif 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CRKnWIZPOZZz4FO6i2OMPsI2cwAvG7ozbc4r43begEvAuEAEg4v30BWDJhoCA3KPEEMgBBagDAcgDmwSqBJsCT9AfJjHXW9tWzFKXmKV_8MMWwlm0U-O-Ciy_qeaRNr7ZikmVCkglSzxEMAABHTl80BJrxXS5PUDz6qGqtTsYdo2QzG1RSfJHt8NANLtYIN1PUJOVhrGcA49QzwRKrPJ29wYVUHuETn7wpoLM4Xo_cc1wkQPSJfOXFe7wyyXMSCvKtYilpfKC9MDUFYrrm4Vxstf1eOO43dU90A5ufD5nVW1Umof4A-z1EEIc9C1kX3ffmjm05U4khoYmK1ZqljK3wZ8J9-TCmO4QFGBla55_ayC46I5PrBi4g0eT0QTaORlv8CMYeQ0UyaFCN5SrIC-9YXs1YJhUhJPjvs8dsPWlOm2s01qMznST_bJLNbY1bikzr3wBQbC-q7JaYcAEsuDYsKUE4AQDiAWEjIyRTJAGAaAGToAHvr74N6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgKAISL39wTpYysCbpLWuhAOACgGYCwHICwGADAGqDQJVU7AT2YnHFMgTkoay4wPYEwqIFAjYFAHQFQH4FgGAFwHoFwU&sigh=GIr7y9z9JLE&label=part2viewed&ad_mt=6&acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D767937960%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D396969901&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1708036899688

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 22:41:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 12A7 0
380 B 124ms
119ms Image
image/gif 172.253.115.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstMgAo3rjBzg42Q9ZmZ0ReJr0fexttBsCag5agBpCFv5Iy_srSSlIIChWCpdffyPZbWQpGkWEZETXoDtz4csxu6Q0dA1LTdBiPVWI1qkgpXkpsIA3P-fPAgJg3ruoxHYS-WRxkyhnUPSqZC5h-krAF4xBuWpKKyHTbjVacAJ6FpQ6-3Z_7iM5w3rxUYHFxtLdBexIhsiKuuuIM_XLMXGKd4__u_cRnZAadMqPEj7v2x6zNqhhINHLlxsV25RhNEJH40ST_atAzSUxuCCgAKls9oXaVjXW7SrpR_NkQfLu911yf8Wa12Dcqy2io4twUQycUDtbG6aKaggyCQwwxOm3b6rxT_0YyVik1LeWBMatUK5Ukk7kRHO55iYCFCjpeHdQfcNu04K9cEJlxnVKWd3Sy5UlPEGyylA-TrgpGlwj-cLcNx3DpkB7dEpRKL13Dv_w2PEdzDe979yROdW9CMQnswIGi0MDXcOFwvQBrRIghco6gmrUhTQKJ4oKpU9QI81gagIyf7eiZckRSOksY2tY1FaD1aw3fOuFsSk8xefRbH97ISjBBpbB4gckXyR_Vrrw_UQgkkrjOd9WVRpuJv7RJQmCVaejE6OqjJP2vubhEvrFnwoWXFP0SSXPNkS_JsTNf8g5LoUyXAZBzLyzB80-kbkAFl8vDJw8SSHcyNi7Pzxsz8pJicNOkV50-XNfqcTzvcBDGG8ZxCsINdDvHwdP6D-bO7Q2rheYXyuzeNlSABVtrP8PMcIC9qWrowzrH2zYyAdhhwV-P5GfI1wFBChqeIt1NjjN7rbsSL2wFbAeC7fJG2B_58dZHQx-da92_qfZH8T6uotUL1u69c38oK_vJGRR22OSkNzVs1eg_IZWr3kBy22bDXgECZH_fhFbIlX66O5VPrLar7riI4JXwZkMGqfFIDz6oDXMSFrBDmasmqV2rIkAwWyBvqxyCed2XzYp7cPiK8jtQPX_HzkAH9ywxtzlf_R-5OUdhb5kG_D-G-vok3g1ymtPCqXciZpIdx7fgqvlpWSS7gsTUmovF5bDOlJKXGgZGaXAgTxilPyoVvUW2zuXTGxssTtiAD2ld8B-Fpsx-aW0OpcJ-ESecoP-b5WD_cQ3UffbYYNWExtecsU0-kTzVPJfRwoNGFLk36r_OmI4mCXPR09F5ld2Ki2zq98OCiYmSTs5Aj3X8gY9a7ofIkg0h7JPXqIO668x7N9plVaTPsXQKNErQ8BrijBBlqumHHhdSn4UqPlc_7H5u_0NYUQOzWWARrEjdLocVNoIDjAiCkeZzv-OT4zQ&sai=AMfl-YRvv5YQvmnZL3-GnweWVWo5z43AAfbzemYdzAYT_TCgrqY1imV-gkdQyeoPHFsazjd8T2tJXjz_ymcDN7sxwbEazcd-ET3FSjj6Z9k3WGxvPz6y_ZokMm1U7fDFgwbXbCQ-uNOnW4HNoPBWB9azxu9q7Gx5RMlxpUzFuEEJjtkaKdFIazeWoq32UyR49Xo_S6pjckEnZ6Lpun7ZarcqEzK6aGq-jBcyLdEtM9A1Uer5vmjWOPLgXQgPtLCKJhl8ZPjphfViHAOJqgZznRglstue-RND21L4nau3Ow&sig=Cg0ArKJSzC2AZs8splFgEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 15 Feb 2024 22:41:39 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 15 Feb 2024 22:41:39 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 12A7
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL8BEMmpGBjhj6zzASABMAE&v=APEucNUXrTULK88tm2u50YzsgH5-RP50KZYonZOM_i4kEsxJprVJ_sQ4sKgSN9DBa5pO3gKZqbZznwsEBPBX7kP25XTuGEOIcWvLmP1KKM3BA5CJT0UdzFw
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc6TI9HM784AAFKqAGNsIAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNG0C9B2ruvcb9gQrCaxWk&google_cver=1

43 B
768 B

70ms
70ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNG0C9B2ruvcb9gQrCaxWk&google_cver=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 22:41:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LhXfi3fXpy%2BCBfvbdl4wEA12xCCdJXrFQsg7pzlrnHkelPMlDnbSg3SaWwJDor1WrJ7RaX3uXE7ccUKfVS8y7Xt1%2BNug%2Botsf219DtCLVWjNl%2FGwgYI1LbXyIiefbU4ZdYfxss1vr7RXPw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85610f421a886da7-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 15 Feb 2024 22:41:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNG0C9B2ruvcb9gQrCaxWk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 12A7 0
20 B 111ms
109ms Image
image/gif 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 22:41:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 12A7 42 B
64 B 113ms
111ms Image
image/gif 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssM0HoIMT4QYAqxXqbHldbSMpAdzzVroAtB9d4_wRMSoLeZFMiuEPc1yb8ZLsgDyUND8Pk0PfwYA9bsVe3i9ftJ5Onag_KjIROYOXu84xjGru434a76ssPCnwQwL3y4KPqZvdkUWM1U0NX66MtOvA&sai=AMfl-YQ027bTGZZX5DSk35T31gsr_KHwamr-M7lrae1DtJ-QL0LkgZu69Gk65HFH3nSttFyCX8wadCPztYwO3FYcxfvTk-QflC5ou-ZHEoBfepoCeTdwyULjpMdX4k8SYdb7wOTnFU26acEEXM67WM-e&sig=Cg0ArKJSzKONyYfQ51fLEAE&cid=CAQSTgAvHhf_2WlM-7wyjOarPYP6E1gIO13ZqeEIJOqMfPH7mdz6jUOoY2uBgNqI4PDPOjBeWwkHVFMfw-4tWtoFedYpt8kwJ1hrgDHTd_WfSBgB&id=lidarv&acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D767937960%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D396969900&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1708036899688&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 22:41:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 12A7 42 B
64 B 82ms
79ms Image
image/gif 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CRKnWIZPOZZz4FO6i2OMPsI2cwAvG7ozbc4r43begEvAuEAEg4v30BWDJhoCA3KPEEMgBBagDAcgDmwSqBJsCT9AfJjHXW9tWzFKXmKV_8MMWwlm0U-O-Ciy_qeaRNr7ZikmVCkglSzxEMAABHTl80BJrxXS5PUDz6qGqtTsYdo2QzG1RSfJHt8NANLtYIN1PUJOVhrGcA49QzwRKrPJ29wYVUHuETn7wpoLM4Xo_cc1wkQPSJfOXFe7wyyXMSCvKtYilpfKC9MDUFYrrm4Vxstf1eOO43dU90A5ufD5nVW1Umof4A-z1EEIc9C1kX3ffmjm05U4khoYmK1ZqljK3wZ8J9-TCmO4QFGBla55_ayC46I5PrBi4g0eT0QTaORlv8CMYeQ0UyaFCN5SrIC-9YXs1YJhUhJPjvs8dsPWlOm2s01qMznST_bJLNbY1bikzr3wBQbC-q7JaYcAEsuDYsKUE4AQDiAWEjIyRTJAGAaAGToAHvr74N6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgKAISL39wTpYysCbpLWuhAOACgGYCwHICwGADAGqDQJVU7AT2YnHFMgTkoay4wPYEwqIFAjYFAHQFQH4FgGAFwHoFwU&sigh=GIr7y9z9JLE&label=vast_creativeview&ad_mt=6&acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D30037%26vmtime%3D5%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D767937960%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26co%3D396969903&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1708036899688

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 22:41:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 12A7 0
54 B 249ms
247ms Ping
image/gif 2404:6800:4005:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lsnt2i0u&c=4263963147547&slotId=2131981573773.5&qqid=CNyMnqS1roQDFW4RdgYdsAYHuA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1841&mt=video%2Fmp4&vs=1024x576&dm=30000&ple=0&umsem=0&event_name=first_play&asset_bytes=199914&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.1ye~ff.1yq~videopreviewstarted.1yr
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:80d::2003 , Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 22:41:39 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 12A7 42 B
64 B 111ms
110ms Image
image/gif 2607:f8b0:4004:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssM0HoIMT4QYAqxXqbHldbSMpAdzzVroAtB9d4_wRMSoLeZFMiuEPc1yb8ZLsgDyUND8Pk0PfwYA9bsVe3i9ftJ5Onag_KjIROYOXu84xjGru434a76ssPCnwQwL3y4KPqZvdkUWM1U0NX66MtOvA&sai=AMfl-YQ027bTGZZX5DSk35T31gsr_KHwamr-M7lrae1DtJ-QL0LkgZu69Gk65HFH3nSttFyCX8wadCPztYwO3FYcxfvTk-QflC5ou-ZHEoBfepoCeTdwyULjpMdX4k8SYdb7wOTnFU26acEEXM67WM-e&sig=Cg0ArKJSzKONyYfQ51fLEAE&cid=CAQSTgAvHhf_2WlM-7wyjOarPYP6E1gIO13ZqeEIJOqMfPH7mdz6jUOoY2uBgNqI4PDPOjBeWwkHVFMfw-4tWtoFedYpt8kwJ1hrgDHTd_WfSBgB&id=lidarv&acvw=sv%3D961%26v%3D20240214%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,160,119,369%26tos%3D2003,0,0,0,0%26mtos%3D2003,2003,2003,2003,2003%26amtos%3D0,0,0,0,0%26mcvt%3D2003%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2165%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D43%26pst%3D202%26dur%3D30037%26vmtime%3D2174%26dtos%3D2003%26dtoss%3D1%26dvs%3D2003%26dfvs%3D2003%26dvpt%3D2165%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D767937960%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2003%26co%3D396969904&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1708036899688

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 22:41:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yE/l/en_US/Q56gP7IVe8z.js?_nc_x=Ij3Wp8lg5Kz

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
krank.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7v61uiup4r36abthms8dcebka7
.krank.de/	1970-01-20 18:28:43	Name: _gid Value: GA1.2.1112546001.1708036897
.krank.de/	1970-01-20 18:27:16	Name: _gat Value: 1
.krank.de/	1970-01-21 04:03:16	Name: _ga_QVNJPTS5GE Value: GS1.1.1708036896.1.0.1708036896.0.0.0
.krank.de/	1970-01-21 04:03:16	Name: _ga Value: GA1.1.1833592369.1708036897
.krank.de/	1970-01-21 04:03:16	Name: _ga_N88Q73T6W9 Value: GS1.2.1708036897.1.0.1708036897.0.0.0
.doubleclick.net/	1970-01-21 04:03:16	Name: IDE Value: AHWqTUnASZ1RBTn7OV_O1sR83sd94K9cCqvujSYOJ1ATXs3CgT8An8VfYlb5keCFhwE
.krank.de/	1970-01-21 03:48:52	Name: __gads Value: ID=3efe132a8242d27d:T=1708036898:RT=1708036898:S=ALNI_MYWgrSpLjCELBj2StpW0i1araRFYA
.krank.de/	1970-01-21 03:48:52	Name: __gpi Value: UID=00000dca427b6bf5:T=1708036898:RT=1708036898:S=ALNI_MZn_E8qJlcWMpG08pW_LSsOITFTfQ
.krank.de/	1970-01-20 22:46:28	Name: __eoi Value: ID=4ba3e3b4877c868d:T=1708036898:RT=1708036898:S=AA-AfjYop7zCYJ4LmNkkJwAsdXWV
.doubleclick.net/	1970-01-20 22:46:28	Name: APC Value: AfxxVi6OMfexVyP9FWkOpu4VoeoPwnx7g9Ed_8Sva123vHs7hnCuOw
.doubleclick.net/	1970-01-20 22:46:28	Name: receive-cookie-deprecation Value: 1
.krank.de/	1970-01-21 03:12:52	Name: FCNEC Value: %5B%5B%22AKsRol9fYzIuFAkYyABEFxSoOGFfyWTY7Eal10wHDcxS0kqB4wmwNThqgRcBxSGO2ko692dtPSEgcCDLEWDsrKc1_EDgTLGh0G4vtaZ-19ADYgjPZZsIF5HyEnuuaTQ-MQk2mEwuhHnZ6ov-mquN-ac-uvsdpLCkSQ%3D%3D%22%5D%5D
.casalemedia.com/	1970-01-21 03:12:52	Name: CMID Value: Zc6TI9HM784AAFKqAGNsIAAA
.casalemedia.com/	1970-01-20 20:36:52	Name: CMPS Value: 1516
.casalemedia.com/	1970-01-20 20:36:52	Name: CMPRO Value: 1516

38 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://krank.de/produktcheck/nierexin/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
bid.g.doubleclick.net
cm.g.doubleclick.net
connect.facebook.net
cse.google.com
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
krank.de
pagead2.googlesyndication.com
platform.twitter.com
r4---sn-q4fl6n66.c.2mdn.net
static.addtoany.com
static.admin.nhassetsulf3aad9c0b224ce0fom.nierexin.de
static.xx.fbcdn.net
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
static.xx.fbcdn.net
104.18.36.155
104.244.42.136
172.253.115.155
172.253.122.155
172.253.62.157
2404:6800:4005:80d::2003
2606:2800:220:de:468:2285:c1:4a3
2606:4700:10::ac43:2794
2607:f8b0:4000:7::9
2607:f8b0:4004:c06::64
2607:f8b0:4004:c06::65
2607:f8b0:4004:c07::64
2607:f8b0:4004:c07::9b
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c08::93
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c17::5f
2607:f8b0:4004:c17::9a
2607:f8b0:4004:c1b::61
2607:f8b0:4004:c1b::84
2607:f8b0:4004:c1d::9a
2607:f8b0:4004:c1f::8b
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
35.204.103.237
62.116.173.69
047043c63214ab371ba64e454267f5c75cee938b7cf50282c88714652d2745f1
0c6ba4901cfb68b03ca9a97ce1d7cbb688d6802c60819dd7cea0522aca8a0576
10c862b5bdfdde6433f46d926d5715cd2cf9578f2bbb248fa7b38b00d142e0ed
121e938e1bf737d88f63ab06c7eea1ac42dcf748bee7076624fb35bd0252e45e
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
198d6d513b26128ddbb294a9ff929fa1e8b297e00feb0929204558ed56cb6015
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
219b652de3176257072749c876811cc963494f5fbdee3f92eb38e7392f724ce0
23e34a4d2e66a171b4174039588c3798f5c2e9b1233824e3771edcde145ea031
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2a076b7d7089628be1ecd036b9b49e0faf5a300138c500fad100b6d03494e310
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bc5b6d2e8459d438a3ba116d12e11c71fa1c2deac8191dce05d5a40d125529f
320f88c7a9672864d92d9369cde081ba7c6e9a27cd0592755b011be432373882
34c2528db29af28ba40106ece5fa4b7a8f77885600c9d13f5c345f931d7346fa
390bb80c8ec894a3669df1522e5f88b9f1c2a7dc7b2a6aa39ea8a6401b1aea80
3be9af8a0c1068b25ad658c1f76f9250c6f06e258eef5ef812988f3713d4a270
3c9e7e961c8ae48bc5c643637c1ca200f7b3752fb57419eec5cb51c78564aab3
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
470582e3235b6e021cabed1a37d07d36d75434e909a973f47dfbcc6195e12bc8
47eafc65bbeb7515dcfe85efe45059847fbc09223f7761beab225a28baf52703
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b586b9980faa3895fedc82d3f7946549046f48ab48b532d2b84d9b90a1a684
58a36c9d2d7facbb5fc14fecad869c20f75c214cfb161d91f35bffdb4a88f642
58c7b6bffabba04d72d8077b9efcfb4f7a6478b9e66c5b07a3a32e3cda3b1877
5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2
5db39a62ee9abcc30a30b63fcf2915e123217f6d2ff2a6a668198635386d61b3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e4934d2c387e78bd8b8f0a1cce67a472358d26d301153e0dd31358601900f46
705ddd320c7afe5895ed0bb7438874918110baaaec1ad4b7da72bd13de82f96d
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
7168087d5f93da952708be1bc84670514ddd73087ddd4241d7aa06be86a2f57f
74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f
78dd178ff66f034243ba67028188168437b4bbc86653a8517025d8daa2d70dc2
806275f26f49e72e115496ca209ecd55906979acfb873d56c08e70bb682764cd
844208d3f740c48ca14df4373b0d232cb9e81f3934b53114833ca717b03a90f5
8a0c2d19994862c37c9357aee09cea368c983479a6c64600bbaa008581954fe6
8a3d8c061a2a585985a71d5b1a45c424c5bc79b310c86b4731b5bececf5ea5df
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
9858aba970f31a0ffac37a23df86b15aac549d4ad87adc33a3d11becc8325e67
9ee1397f4da0e0c981a979bc1ea43be1d0c28bf3619636df8ab9dc09fa770aaf
a4d94af534c700b4cc663a664528a8578fb4f73f09df71d98f331f70ae8f101b
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
a666d63d10ea6ad17137008823c317df39dcfd146fc439c55eb3f75a26efc498
a83788811cd52eb54fe35da0ba0c1c034c692f1e745d08e31edc75448ed727b1
a955b5d86b03b44b4bec0819234fb3ce63a54e0d92b10a7bb2e24b2d30e54369
ab86f686b2e5133d5a05b7a94d1294ad711858e6aef9a931118ab1d8f1e2600d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aebd49f91e8e9671577086d10e958616b663034fa0b277fa7b4bd55f9babac14
af4c84fcb96d6c5196962f37e21219803c78f91731087f13a748fab505f4b4dc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b199ed28ba39e8d3bdc0d2860b8f710808796f2c7272406178010428f509d397
b6f357810e9cd8f0aeca7b0cd526dc72d9230dce6958843f80bf104f940b5626
b738bf74f1670331a09929a243b3e23ad16534d34ae62781d34467fd05545ba4
c50bb71f20a61203de11a648c2bc3cbd123fe7b801f8d3efd217fbb33f093ba5
d351abe30325db105fed7efd6f8a9ee698fd888d13948bb9c8f7b183c59ace78
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
d62261bfdda45a21496d6c16731123a2105033b3537dc5415c0923d8e6584c6c
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d73a2da9645c4a8b90bc9e0b7540e05ee374ea8d0db34369fa79f5593b19df77
da159f4f0f5692cf42518d9d01efbc33de5df8686f23ec1c5cac5ea33d6b2b1a
dcd7fd1982e2105e8c76d8fcd947d802f0a40b0dfa13150c8fb4bd6c4eb3d7e1
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c9b42faf3f0a512726e089d183e41273f3ffe8cbed79a8d804a5ebaa249387
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f55669014850f629a831ea014cf4994bc2c2d4f183178367880529a82bac9bba
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

krank.de Open in urlscan Pro 35.204.103.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

106 Requests

96 %HTTPS

73 %IPv6

16 Domains

28 Subdomains

24 IPs

5 Countries

2101 kBTransfer

11067 kBSize

16 Cookies

9 Outgoing links

Page URL History

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

krank.de Open in urlscan Pro
35.204.103.237 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

96 %
HTTPS

73 %
IPv6

16
Domains

28
Subdomains

24
IPs

5
Countries

2101 kB
Transfer

11067 kB
Size

16
Cookies

106 HTTP transactions
2 data transactions