controldenied.info Open in urlscan Pro
172.67.200.47 Public Scan

Software

cafe /

Resource Hash

949567a1226e0f94228290a61dec265a7932d14373943ff72abbe0ef7e91ee0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48946
x-xss-protection: 0
server: cafe
etag: 2579182747498579696
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 03:35:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
52 KB 99ms
46ms Script
application/javascript 142.250.180.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3XGVTW2MNS

Requested by

Host: controldenied.info
URL: https://controldenied.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b2981fa9dde8ecd063e21a081c51015a7482a5f8561df53d1a2749a685986d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52594
x-xss-protection: 0
expires: Wed, 15 Sep 2021 03:35:17 GMT

GET
H2 200 main.js Show response
cdn.letmepost.org/xpress/js/ 6 KB
2 KB 2828ms
2814ms Script
application/javascript 172.67.162.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.letmepost.org/xpress/js/main.js
Requested by: Host: controldenied.info
URL: https://controldenied.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.162.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9961b1e1928f6775bd16d62acb5460556fccb72e9859fa776c76c4fd516656bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:19 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 29 May 2021 14:46:42 GMT
server: cloudflare
etag: W/"18ca-5c3790f84641e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJ2cB7oYHuewro105ygV3m6lURQzkCm7M%2F8EPS%2B0MyWrQrky76t32FrtAE5OCgn2yro3P9MA%2BzGVkpqxR9oN54DMuk%2BB4jWMFKZzCXL3CsBVViYkxXUUtCcv7q%2BqkDNpuajK1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, private
cf-ray: 68eecddb0ff62778-PRG
expires: Fri, 17 Sep 2021 03:35:19 GMT

GET
H2 200 velocity.ui.min.js Show response
cdn.letmepost.org/xpress/js/vendor/ 13 KB
3 KB 2699ms
2686ms Script
application/javascript 172.67.162.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.letmepost.org/xpress/js/vendor/velocity.ui.min.js
Requested by: Host: controldenied.info
URL: https://controldenied.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.162.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c03012ba89bab46d98f7b14426e654f0658b3a92ea791e168323ade367025fd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:19 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 29 May 2021 14:46:42 GMT
server: cloudflare
etag: W/"33c9-5c3790f846fd6-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWsnPbGuWUKml0JPGmjxh54f4kK1iPxraOjlqzPq5qDQhRDejDIv4S9ZmkAJmHbXtkJuoKaYj2exU5TWLWIfVaRlbC%2BlJk89Fyopuh3vjJbqD%2BCqrHtvbTmhLYwxjk%2FlKufgfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, private
cf-ray: 68eecddb0ff72778-PRG
expires: Fri, 17 Sep 2021 03:35:19 GMT

GET
H2 200 velocity.min.js Show response
cdn.letmepost.org/xpress/js/vendor/ 34 KB
13 KB 1693ms
1680ms Script
application/javascript 172.67.162.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.letmepost.org/xpress/js/vendor/velocity.min.js
Requested by: Host: controldenied.info
URL: https://controldenied.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.162.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf0576b87978f24f743e2c5191296d4b1c7eff84bc5e17af5c2ae96a22531abf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:18 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 29 May 2021 14:46:42 GMT
server: cloudflare
etag: W/"88eb-5c3790f846fd6-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtvHj81VunaCx7PBL%2BwBLaQPFXEnn1hLxlDC5d0fHqA4ykiPx9R5s2HgQ97As5kPmAsdmgTb7VQoRoTGaJtMwnqVyN2gLxCREoeBxlUS7xXRRpnGprj9MVTCRy9SJN0QZqXcDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, private
cf-ray: 68eecddb0ff92778-PRG
expires: Fri, 17 Sep 2021 03:35:18 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
cdn.letmepost.org/xpress/js/vendor/ 20 KB
8 KB 2843ms
2831ms Script
application/javascript 172.67.162.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.letmepost.org/xpress/js/vendor/jquery.magnific-popup.min.js
Requested by: Host: controldenied.info
URL: https://controldenied.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.162.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:19 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 29 May 2021 14:46:42 GMT
server: cloudflare
etag: W/"4ef8-5c3790f846bee-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJgq0rt0ySEN9Gfg%2B16BdYdZKEaKpwU8wzCNgXJ%2BHagIyS8NrmZgfnpk48i5J1O6M9s1LzrAPqqi5yA6NeRPOX%2F6BkUHue4F8fOAmMkQpMqHPVy8BMi2A%2BskPeaDTUs2ixWFgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, private
cf-ray: 68eecddb0ffb2778-PRG
expires: Fri, 17 Sep 2021 03:35:19 GMT

GET
H2 200 theia-sticky-sidebar.js Show response
cdn.letmepost.org/xpress/js/ 9 KB
3 KB 2975ms
2963ms Script
application/javascript 172.67.162.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.letmepost.org/xpress/js/theia-sticky-sidebar.js
Requested by: Host: controldenied.info
URL: https://controldenied.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.162.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aabd030149e4b8c2afd5255196e034bfd342c50d0692c54abdd028e7385fd71e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:19 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 29 May 2021 14:46:42 GMT
server: cloudflare
etag: W/"22fc-5c3790f846806-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCdxNbOmZI65yHbyieRwzST8Xx%2BIVgi1U4lWBu6%2FqWBheG0ao%2B2uT%2B51HszgIpPPVqF%2FFQhVwTWd2YrTKuo9JWVyDaJpJ9ZSBVNGwCKJJBpt3NKBelOquRLNg8qD2G%2B%2FjsKPMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, private
cf-ray: 68eecddb0ff82778-PRG
expires: Fri, 17 Sep 2021 03:35:19 GMT

GET
H2 200 isotop.js Show response
cdn.letmepost.org/xpress/js/ 29 KB
8 KB 2834ms
2822ms Script
application/javascript 172.67.162.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.letmepost.org/xpress/js/isotop.js
Requested by: Host: controldenied.info
URL: https://controldenied.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.162.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba46dd68f2d815bb3049681119a4d0136e1b38558ad482a97e7fa3db97066e2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:19 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 29 May 2021 14:46:42 GMT
server: cloudflare
etag: W/"75ce-5c3790f84641e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNdDSFX2lveDpxB2PnVTkb4622q2J%2FucR025Jq0gcEiko9UwWfQz1Ot87vJGBrYtpcdfMVMKJUUKFCUqjXDbgtduqKIqusVAYdCq8SNSxNaC63H3IcL5AlVJst1GcGMNSqYcRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, private
cf-ray: 68eecddb0ffc2778-PRG
expires: Fri, 17 Sep 2021 03:35:19 GMT

GET
H2 200 isotope.pkgd.min.js Show response
cdn.letmepost.org/xpress/js/ 39 KB
11 KB 1832ms
1820ms Script
application/javascript 172.67.162.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.letmepost.org/xpress/js/isotope.pkgd.min.js
Requested by: Host: controldenied.info
URL: https://controldenied.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.162.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b14c999305722bd734e0473ff5c6040695d85203a77d6e7d7b31bed0cb9e3db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:18 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 29 May 2021 14:46:42 GMT
server: cloudflare
etag: W/"9c2a-5c3790f84641e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zW%2FxsTdzPgarFuPcak9ezfOQSBoitf6YWjBRjqwZcYwBDckTqdqFz7wsL60R3mjes6MBBj4eSZeC2y40am8h0wfmvwRYuIjmNJGtbymdtzozcObbCfVAw5bPhwAHsbTYyeX9MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, private
cf-ray: 68eecddb0ff02778-PRG
expires: Fri, 17 Sep 2021 03:35:18 GMT

GET
H2 200 owl.carousel.js Show response
cdn.letmepost.org/xpress/js/ 52 KB
9 KB 692ms
680ms Script
application/javascript 172.67.162.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.letmepost.org/xpress/js/owl.carousel.js
Requested by: Host: controldenied.info
URL: https://controldenied.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.162.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9221608a4df26c3a67d553a85ea42269235ca69d2ff47419148853830d5cea2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:17 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 29 May 2021 14:46:42 GMT
server: cloudflare
etag: W/"ce3d-5c3790f846806-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Za2sCxemsXzZXYS91VJdPd%2FcnF0tz2CrjthLCs3d5syWQvIShCq7uYLgpyf2Bzjnjc6IxmZQ1Da8IyPnJsp0AvRoZyEu%2FJH5iAYBfp50VvWKlmH65T2Jg6TRXNsYjSBYYPt0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, private
cf-ray: 68eecddb0ff52778-PRG
expires: Fri, 17 Sep 2021 03:35:17 GMT

GET
H2 200 jquery.ticker.js Show response
cdn.letmepost.org/xpress/js/vendor/ 16 KB
5 KB 821ms
810ms Script
application/javascript 172.67.162.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.letmepost.org/xpress/js/vendor/jquery.ticker.js
Requested by: Host: controldenied.info
URL: https://controldenied.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.162.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78ba985e2ba4fd517604df0c8d066cdaf84247c666a1bd80550a06abb81b24c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:17 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 29 May 2021 14:46:42 GMT
server: cloudflare
etag: W/"3e5f-5c3790f846bee-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3j05ImLJPlFQEnkq83EOlGsM%2FiNcyguMn8%2Bekk2KUJeyYvuHbDRSLMyf9Ct2ocroHAshX0k1CEdMazjY%2B5s8AsHRR9mqGk5MVxGFtlBaYRRQj9NyTeHOvn7uiqK27bYEatebfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, private
cf-ray: 68eecddb0ff42778-PRG
expires: Fri, 17 Sep 2021 03:35:17 GMT

GET
H2 200 bootstrap.min.js Show response
cdn.letmepost.org/xpress/js/vendor/ 36 KB
10 KB 2598ms
2586ms Script
application/javascript 172.67.162.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.letmepost.org/xpress/js/vendor/bootstrap.min.js
Requested by: Host: controldenied.info
URL: https://controldenied.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.162.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:19 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 29 May 2021 14:46:42 GMT
server: cloudflare
etag: W/"8fd0-5c3790f846806-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7ba5ZdtzByrr856Ko2alOTzJRzuvoHGZTeU%2FagHr7r4xM2MMZEvfMHwoceWDodsVLH5yLuwwDzOmgtMdJKTNvQ6ngd4g%2F6QKmNxJGjP%2Fmhq9JF2diVXbmMCNSo8f1Gls36JUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, private
cf-ray: 68eecddb0ff32778-PRG
expires: Fri, 17 Sep 2021 03:35:19 GMT

GET
H2 200 jquery.js Show response
cdn.letmepost.org/xpress/js/vendor/ 95 KB
34 KB 493ms
482ms Script
application/javascript 172.67.162.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.letmepost.org/xpress/js/vendor/jquery.js
Requested by: Host: controldenied.info
URL: https://controldenied.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.162.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:17 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 29 May 2021 14:46:42 GMT
server: cloudflare
etag: W/"17b8b-5c3790f846bee-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2UtABT9oGr3lxfZSXl4vVl35QPk6IBKsSQGaBH4vGpEQP4HEx9mJk3sQizQf%2FTUW2W%2FQfImHpQK1ITGjVWX6Ivc4u5d1UAZEF1E%2BZPDsAwrYrpI6WNWS8s9Xlht1UFTGbcZmaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, private
cf-ray: 68eecddb0fef2778-PRG
expires: Fri, 17 Sep 2021 03:35:17 GMT

GET
H2 200 modernizr-2.8.3-respond-1.4.2.min.js Show response
cdn.letmepost.org/xpress/js/vendor/ 20 KB
8 KB 1692ms
1682ms Script
application/javascript 172.67.162.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.letmepost.org/xpress/js/vendor/modernizr-2.8.3-respond-1.4.2.min.js
Requested by: Host: controldenied.info
URL: https://controldenied.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.162.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c143492f31dfe14beb30c8ac069382d624b19a5ef4f2060bf91c28fc8f1f9c6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:18 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 29 May 2021 14:46:42 GMT
server: cloudflare
etag: W/"4e8a-5c3790f846bee-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2IKnCgdp2IaD3qfSAVMt24zibwGuoCfxtl81%2B8RZAkaEjdzSEsXvUo5HFD2xCjCGvZJaDtHUuCEhdrWUvsr9kaX0p8UkFfbbhMBzMoJMV28UJJVVWZ5wFC66qIVWmSCCYTa5BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, private
cf-ray: 68eecddb0ff12778-PRG
expires: Fri, 17 Sep 2021 03:35:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 76ms
27ms Stylesheet
text/css 142.250.200.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora|Open+Sans

Requested by

Host: cdn.letmepost.org
URL: https://cdn.letmepost.org/xpress/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.200.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e4ee5c821ad7d1768acfb2f20b1465d1f14201a4777f2f0c143a0548e144750b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.letmepost.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 03:35:19 GMT
server: ESF
date: Wed, 15 Sep 2021 03:35:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 03:35:19 GMT

GET
H2 200 0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
fonts.gstatic.com/s/lora/v17/ 19 KB
19 KB 72ms
20ms Font
font/woff2 142.250.180.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v17/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora|Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b874445c1c5f287cca4f88a9b939270676c7ad03c9c7209a33a5907ae731fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://controldenied.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 23:29:58 GMT
x-content-type-options: nosniff
age: 101121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19144
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 21:52:45 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 23:29:58 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 14 KB
14 KB 91ms
39ms Font
font/woff2 142.250.180.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora|Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://controldenied.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 02:40:57 GMT
x-content-type-options: nosniff
age: 262462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 02:40:57 GMT

GET
H3 200 fontawesome-webfont93e3.woff2
cdn.letmepost.org/xpress/fonts/ 63 KB
64 KB 502ms
484ms Font
application/octet-stream 172.67.162.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.letmepost.org/xpress/fonts/fontawesome-webfont93e3.woff2?v=4.4.0
Requested by: Host: cdn.letmepost.org
URL: https://cdn.letmepost.org/xpress/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.162.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer: https://cdn.letmepost.org/xpress/css/font-awesome.min.css
Origin: https://controldenied.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:20 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 64464
last-modified: Sat, 29 May 2021 14:46:42 GMT
server: cloudflare
etag: "fbd0-5c3790f841dce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ab7WmuU8y2YqZkJjiJdPQpKS4ZALQil4T5TldtYA0ctBS7MhIqmUjNKdoxIdvTQtKngCuH32jnRWu4QPsIkZqLQWif2WvwzcNczkCUWZp2%2BayNt7rceivb76g4tfvX0R1WCFhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 68eecded5bbd4138-PRG
expires: Fri, 17 Sep 2021 03:35:19 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/ 251 KB
93 KB 66ms
41ms Script
text/javascript 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1047d2b56ce283ce2965fafd595cb050735857e0b8ac7f057b3ff8455cd2996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94964
x-xss-protection: 0
server: cafe
etag: 14352195524243268209
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 03:35:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210913/r20190131/ Frame 864C 10 KB
5 KB 25ms
19ms Document
text/html 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210913/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210913/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controldenied.info/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 14 Sep 2021 14:42:12 GMT
expires: Tue, 28 Sep 2021 14:42:12 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 46388
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 collect
www.google-analytics.com/g/ 0
361 B 78ms
27ms Ping
text/plain 142.250.180.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-3XGVTW2MNS&gtm=2oe9d0&_p=1641021586&sr=1600x1200&ul=en-us&cid=876403886.1631676920&_s=1&dl=https%3A%2F%2Fcontroldenied.info%2F&dt=Get%20updated%20and%20latest%20News%20%7C%20ControlDenied&sid=1631676920&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3XGVTW2MNS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.180.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr25s32-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controldenied.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://controldenied.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
661 B 105ms
26ms Script
text/javascript 142.250.180.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=controldenied.info&callback=_gfp_s_&client=ca-pub-6885199190131478

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f2.1e100.net

Software

cafe /

Resource Hash

f55167343cac98884b66b4cebad3b319298a37b4f024317318845b607f9c3d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 108ms
34ms Script
application/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controldenied.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 03:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8426 204 KB
51 KB 593ms
593ms Document
text/html 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6885199190131478&output=html&adk=1812271804&adf=3025194257&lmt=1631676920&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcontroldenied.info%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631676920466&bpp=2&bdt=3586&idt=112&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6077576201380&frm=20&pv=2&ga_vid=876403886.1631676920&ga_sid=1631676921&ga_hid=1641021586&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526%2C31062297&oid=3&pvsid=2307059306696604&pem=973&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=125

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

926c43411965b47cf4c384faf0e8f568ac544101dc4bf867ee12eb14c8b8e1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6885199190131478&output=html&adk=1812271804&adf=3025194257&lmt=1631676920&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcontroldenied.info%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631676920466&bpp=2&bdt=3586&idt=112&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6077576201380&frm=20&pv=2&ga_vid=876403886.1631676920&ga_sid=1631676921&ga_hid=1641021586&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526%2C31062297&oid=3&pvsid=2307059306696604&pem=973&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=125
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controldenied.info/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 15 Sep 2021 03:35:21 GMT
server: cafe
content-length: 52106
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 15-Sep-2021 03:50:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 15 Sep 2021 03:35:21 GMT
cache-control: private

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 58ms
32ms XHR
application/json 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210913&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a79a5c2ebcb0b4c2c14e4fa2ab27d1c4f850283922b90d5b9d081b822b88009a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 03:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8514
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 117ms
43ms Script
text/javascript 142.250.187.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27627
x-xss-protection: 0
server: sffe
etag: "1631547519045135"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 15 Sep 2021 03:35:20 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 91ms
26ms Script
text/javascript 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 15 Sep 2021 03:35:20 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 52AE 12 KB
5 KB 48ms
19ms Document
text/html 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controldenied.info/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 14 Sep 2021 14:48:16 GMT
expires: Wed, 14 Sep 2022 14:48:16 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 46024
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C4B8 783 B
1 KB 85ms
34ms Document
text/html 172.217.169.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s09-in-f4.1e100.net

Software

GSE /

Resource Hash

8575cbbb6b0f0f492c9bf70aeff37fd2c4a99990bb2c805502f00f7a25a7b856

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1Pg1F+n1R3LbwvlTi8pzaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controldenied.info/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/

Response headers

expires: Wed, 15 Sep 2021 03:35:20 GMT
date: Wed, 15 Sep 2021 03:35:20 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-1Pg1F+n1R3LbwvlTi8pzaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js Show response
pagead2.googlesyndication.com/bg/ Frame 52AE 35 KB
13 KB 20ms
19ms Script
text/javascript 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 06:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13458
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 06:20:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C4B8 0
0 61ms
61ms Image
text/html 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210913&jk=2307059306696604&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr48s28-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 31ms
30ms Image
image/gif 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210913&jk=2307059306696604&bg=!U1ClUBTNAAYT0U73E9E7ACkAdvg8Wlwv0ce_KsgE5x5YgTXOaqbH2ADHbvPy1xinK4CBX-rtQlw_8QIAAAB2UgAAAAdoAQcKAA728VuyVH42QEjj5ohyEJkCii9Raqkz9A0-pYeugupLQMYGBoS8W1z6RE7gO6dB9kAo31JoQI9BJQN0q9Zspa1dKL7IKdW-3_bbX26YbAMiSF_MO2X3mYFIsdHvwpzeevzT91CqBPJEEDgJW1uXX3MtWFLrnTAgm3PTbBm9IVj0O4vaawwHQ-QP-lBWrTnHdw2fETodfXJ17WlwXCEyZd-U9gOJFM0-bcQxa9i5t4zpJd8gy-VQZkG5FEdRfNBfw-0qMT3vS5fNpExCgUL5rMNaqjhLLCUxSGKXx7nCfwaACa8lJvEC4VfLISg_kJu4mdLT0Jy2sm1C9igUrSpastUR7r40pOYHMX0q9cUAeMm0W5drQeimThO2RvJuqsEB_SZqqxK9ZRbtj2M9EYnSrh3kYEBoCPzOMexq9NXocw2eTEn-hD2OtHCGiNZ94adZuTYwnGOtmuR-mmsekDexeNOPe2UzfTcMhKZuWLHOBzMTB-hQMIRqPWQch7YlfxfRkLfotGp2548dK_NVuZ0qfkn2GfwSABnufNu2fmRoRfFsxKbDJnXKzesydLMfGScuiBg9fCKEhG7WkDWzGqSWADyZAN3zydiQrUC8ejSIz1pSJc2y9OfvG9jb999TMgAQFpE2kB0AyyuOC3X7gMTtmnIh5hCs-mYmfM3rzue2DHke-n0-jktaFK0IQBYrEukvX7Od2IXB7P95otgKDVGcoOZkX0ZKAXXn9n2mXNHPVFsH50X2xKZhH4iPi8IJhbHJ7O2yX-h6EQ0k5amH3fbJUEy7JWv0IxttkmfYbhu3_rMxUDkw0Pa2JNsxOMedMgPgm7Tu2Y6jdZI9Ug6x1zQU2N6GhKiLJ_TVR8b0JLdd7CQLpoDia4yk_GVY3Cvh

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/ 145 KB
52 KB 35ms
35ms Script
text/javascript 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86e3df1b3d3301b5aa5ea0ef42d3ef398f150cd10e57908c2c6ea4b9706b2d3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53094
x-xss-protection: 0
server: cafe
etag: 532206214977315872
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 03:35:21 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 65ms
27ms Script
application/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controldenied.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 03:35:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5E46 85 KB
29 KB 769ms
769ms Document
text/html 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6885199190131478&output=html&h=280&adk=1323962898&adf=753656237&pi=t.aa~a.2888210779~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1631676921&rafmt=1&to=qs&pwprc=5808066281&psa=0&format=1170x280&url=https%3A%2F%2Fcontroldenied.info%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631676921228&bpp=1&bdt=4349&idt=-M&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df303dc383b6cd1b0-22fa7dc431cb0048%3AT%3D1631676920%3ART%3D1631676920%3AS%3DALNI_MY2_Ko1UjW517TIQz6xtzosD-6bgA&prev_fmts=0x0&nras=2&correlator=6077576201380&frm=20&pv=1&ga_vid=876403886.1631676920&ga_sid=1631676921&ga_hid=1641021586&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=215&ady=1297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526%2C31062297&oid=3&pvsid=2307059306696604&pem=973&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=lxvmfAM4T0&p=https%3A//controldenied.info&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29e062ee4e3660cf1fd189bdb3a5894f195da5c4f86d0c218fdefbaee339b376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6885199190131478&output=html&h=280&adk=1323962898&adf=753656237&pi=t.aa~a.2888210779~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1631676921&rafmt=1&to=qs&pwprc=5808066281&psa=0&format=1170x280&url=https%3A%2F%2Fcontroldenied.info%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631676921228&bpp=1&bdt=4349&idt=-M&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df303dc383b6cd1b0-22fa7dc431cb0048%3AT%3D1631676920%3ART%3D1631676920%3AS%3DALNI_MY2_Ko1UjW517TIQz6xtzosD-6bgA&prev_fmts=0x0&nras=2&correlator=6077576201380&frm=20&pv=1&ga_vid=876403886.1631676920&ga_sid=1631676921&ga_hid=1641021586&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=215&ady=1297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526%2C31062297&oid=3&pvsid=2307059306696604&pem=973&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=lxvmfAM4T0&p=https%3A//controldenied.info&dtd=18
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controldenied.info/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 15 Sep 2021 03:35:22 GMT
server: cafe
content-length: 29188
x-xss-protection: 0
set-cookie: IDE=AHWqTUn4b0ojs3FAJotuUP3aAeKeXPjt5sMxzJJjfKHPbvduiYaJ5duDP3L3CP_8Gpc; expires=Fri, 15-Sep-2023 03:35:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 15 Sep 2021 03:35:22 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9DAE 15 KB
9 KB 634ms
634ms Document
text/html 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6885199190131478&output=html&h=600&adk=3558069443&adf=3009579419&pi=t.aa~a.70584127~rp.1&w=243&fwrn=4&fwrnh=100&lmt=1631676921&rafmt=1&to=qs&pwprc=5808066281&psa=0&format=243x600&url=https%3A%2F%2Fcontroldenied.info%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631676921228&bpp=1&bdt=4348&idt=1&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df303dc383b6cd1b0-22fa7dc431cb0048%3AT%3D1631676920%3ART%3D1631676920%3AS%3DALNI_MY2_Ko1UjW517TIQz6xtzosD-6bgA&prev_fmts=0x0%2C1170x280&nras=3&correlator=6077576201380&frm=20&pv=1&ga_vid=876403886.1631676920&ga_sid=1631676921&ga_hid=1641021586&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1118&ady=1700&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526%2C31062297&oid=3&pvsid=2307059306696604&pem=973&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Rt6Wdthl0f&p=https%3A//controldenied.info&dtd=22

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bff73477f035d011ce88cd2250921b69073770b37752645e042b85cfe6d95a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6885199190131478&output=html&h=600&adk=3558069443&adf=3009579419&pi=t.aa~a.70584127~rp.1&w=243&fwrn=4&fwrnh=100&lmt=1631676921&rafmt=1&to=qs&pwprc=5808066281&psa=0&format=243x600&url=https%3A%2F%2Fcontroldenied.info%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631676921228&bpp=1&bdt=4348&idt=1&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df303dc383b6cd1b0-22fa7dc431cb0048%3AT%3D1631676920%3ART%3D1631676920%3AS%3DALNI_MY2_Ko1UjW517TIQz6xtzosD-6bgA&prev_fmts=0x0%2C1170x280&nras=3&correlator=6077576201380&frm=20&pv=1&ga_vid=876403886.1631676920&ga_sid=1631676921&ga_hid=1641021586&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1118&ady=1700&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526%2C31062297&oid=3&pvsid=2307059306696604&pem=973&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Rt6Wdthl0f&p=https%3A//controldenied.info&dtd=22
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controldenied.info/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 15 Sep 2021 03:35:21 GMT
server: cafe
content-length: 8724
x-xss-protection: 0
set-cookie: IDE=AHWqTUkgJOiGnYWe3vL_JRruNSEPbjh2d_z307hskI8MzB9DLt1c1erj4AE7uxF2oMQ; expires=Fri, 15-Sep-2023 03:35:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 15 Sep 2021 03:35:21 GMT
cache-control: private

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210913/r20110914/ Frame 2C04 10 KB
5 KB 19ms
19ms Document
text/html 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210913/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210913/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controldenied.info/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 14 Sep 2021 21:21:20 GMT
expires: Tue, 28 Sep 2021 21:21:20 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 22441
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210913/r20110914/ Frame 4854 10 KB
5 KB 18ms
18ms Document
text/html 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210913/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210913/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controldenied.info/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://controldenied.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 14 Sep 2021 21:21:20 GMT
expires: Tue, 28 Sep 2021 21:21:20 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 22441
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css2
fonts.googleapis.com/ Frame 2C04 4 KB
633 B 72ms
38ms Stylesheet
text/css 142.250.200.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 03:07:42 GMT
server: ESF
date: Wed, 15 Sep 2021 03:35:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 03:35:21 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2C04 205 B
588 B 70ms
20ms Image
image/png 172.217.16.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 11:16:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 317959
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
expires: Sun, 11 Sep 2022 11:16:02 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2C04 604 B
694 B 70ms
20ms Image
image/png 172.217.16.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 22:32:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 190960
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
expires: Mon, 12 Sep 2022 22:32:41 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/elements/html/ Frame 2C04 17 KB
8 KB 20ms
20ms Script
text/javascript 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89e590d44510a10b9602ebffa228e2d8a2f2aeb1acc462b51cd19df5f5434308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 23:23:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7656
x-xss-protection: 0
server: cafe
etag: 8352096984186353373
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Sep 2021 23:23:11 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E380 624 B
300 B 29ms
29ms Document
text/html 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMnRvNQCEJP9zuICGL2BgbIBMAE&v=APEucNVxxVMlCvul3vIV1AF5pxxcS0_l39WCH9wwR0eVFwKWWFBN2OvH4bKQ5R7n0inmgTI8JAkhf6elx2i1o0Hd8709liVYXQ

Requested by

Host: controldenied.info
URL: https://controldenied.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMnRvNQCEJP9zuICGL2BgbIBMAE&v=APEucNVxxVMlCvul3vIV1AF5pxxcS0_l39WCH9wwR0eVFwKWWFBN2OvH4bKQ5R7n0inmgTI8JAkhf6elx2i1o0Hd8709liVYXQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/html/r20210913/r20110914/zrt_lookup.html?fsb=1
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20210913/r20110914/zrt_lookup.html?fsb=1

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 15 Sep 2021 03:35:21 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUnt8eBjQDRJz9-nunZKrKVcWowINdu2rw_wIO8_Deue7vQ1ewHoPKn8a7vT; expires=Fri, 15-Sep-2023 03:35:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 15 Sep 2021 03:35:21 GMT

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210913/r20110914/ Frame C3BE 18 KB
7 KB 19ms
19ms Script
text/javascript 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210913/r20110914/abg_lite_fy2019.js

Requested by

Host: controldenied.info
URL: https://controldenied.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 01:15:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 7316329070599479730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 01:15:28 GMT

GET
H2 200 17101037815218815141
s0.2mdn.net/simgad/ Frame C3BE 21 KB
21 KB 106ms
19ms Image
image/jpeg 142.250.180.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17101037815218815141

Requested by

Host: controldenied.info
URL: https://controldenied.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5bd6118b11ecf1ac6ca42c1617864e58b8bbee26815203f8ac1c6bc4371d867

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 06:42:02 GMT
x-content-type-options: nosniff
age: 420799
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21082
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 16:02:56 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Sep 2022 06:42:02 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210913/r20110914/elements/html/ Frame C3BE 6 KB
3 KB 19ms
19ms Script
text/javascript 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210913/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: controldenied.info
URL: https://controldenied.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 14:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2627
x-xss-protection: 0
server: cafe
etag: 17449454297928180344
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Sep 2021 14:37:13 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C3BE 0
394 B 50ms
44ms Ping
image/gif 142.250.187.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv05FagIQtldvy0aHCGMTWIQKPJhOusxQe35ngWIAeuCfNkR3lnkXW2J89I_Io88vB1n9PasICLzpYkZA2oaO7aH_KrQSl4qEgn_qeOtvls-Bqo2CrqbFbCV-2lyBS42fPf8WNKc3YfVnmkaky6RvD05uxQRi7TShsGnP7eSxW4n4gAYP5W4ROyC7bzMLKVBbOslYhH0-P7JaYR9-u2mLRAjVdm3tbfe9rZbiK7r11hk66LSrSEIYhZ7G_paJ-amhI7pX1LzRGlKfP3XR1r7qbrEz0mFbbRNgEph78oPZbq75LJP7bJd20iHxyMsA7epp5m02TfShF7HIlHZePGquomyolTO0MndzlqoH2cVTfT4tNFwtghmNm6RMLxAtFSeVpEvqfGVx4SSkN3m5BsSdmJlJDgW0S6SEeOYdAnksDNpTzCzKKrqwvA1Cm-NFmYXX7S4C21a6xXNmypIVBNiez_udoNnRNlQGDuVStsM_P-K3QnjHz9qsyVGff83igxN2m6zqQ9fk4II8gJlzGIG-fJLvXMF_MPV7Vyj-kyuYPP7fsaGpowKvAGIWGGIqCx12s2FPGr3gemMrKlolmxtNx9kL7va8uxxGckn3N5ONAYc4TCseamLw2vXXX1hy8DtodsSmj08Vq3MqB4D_iRNg3v2lfyivPvJt37qeB7yx5IWq7RPrNYm7YQDlpThH6POOoXIt8D2qYtdM6saCz4o-y7an0yeAFv7f7mZRzSKMxkgCdaLIaDrKuYt1MgMVz4KblKQg-Q3BICijyjSJa0J-rCO1326Mh6bhrHUK_xA7vDDFVcE_Ywu8HMxAiatmjqQYiW3N2zjK1pViWeGk9rjdL1CXje1esYQN2CEMXiYwhj48ZXyu87xuVbbWW0TGY9L7wxHudmW_CwcqXFzceTkO2T_ay2KlYbZd6jZGIRRMccOBq9wvf-vLU-7vSz2DjZyAEoLCoAPbyF8hDpStN6UWsF0RnKUZOHHUFeQiB_PNEUI9ixKrOjwFzKW_jI20EK-iqGd5Bhy2nTCG45kscjbFTaHUvG8fNO91lk&sai=AMfl-YTcVoEuEn_-Hc4Sg0mwZMPlH8S_ASM7FGwhlqTvOVmSHf2LVwUEE8yJc9JAkIIRHusICOiqXVkvxYSOYWXzbi8uQRazGRO_pU55jU9_2WFYSYfJr5OFZ8cYBTxwS-iwbgARwJphmxMAjHf9FJfZTY4l6v5Eqn7HZ1Y3ViJ0TQ&sig=Cg0ArKJSzI-eavgVGgbcEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210913.05876&adurl=

Requested by

Host: controldenied.info
URL: https://controldenied.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 15 Sep 2021 03:35:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C3BE 41 KB
15 KB 19ms
19ms Script
text/javascript 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: controldenied.info
URL: https://controldenied.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 21:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Sep 2022 21:29:49 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame C3BE 2 KB
1 KB 27ms
26ms Script
text/javascript 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/window_focus_fy2019.js

Requested by

Host: controldenied.info
URL: https://controldenied.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 03:11:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C3BE 125 KB
38 KB 55ms
31ms Script
text/javascript 142.250.187.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: controldenied.info
URL: https://controldenied.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38646
x-xss-protection: 0
server: sffe
etag: "1631547526571764"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 15 Sep 2021 03:35:21 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame C3BE 14 KB
6 KB 20ms
19ms Script
text/javascript 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: controldenied.info
URL: https://controldenied.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 02:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 02:34:20 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C3BE 42 B
63 B 29ms
29ms Image
image/gif 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D4ZXiz7yHqVVNrQuLH5vK6i-xKKUivk4522vk6LdGYs5IuxSX2iGxM9zkPkrvDOqipWG-TKq37ObzqXsIbtZHEEGJvcTNQn6UVFgFFT45ice8HQGQ

Requested by

Host: controldenied.info
URL: https://controldenied.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A767 22 KB
8 KB 19ms
19ms Document
text/html 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 09 Sep 2021 21:29:50 GMT
expires: Fri, 09 Sep 2022 21:29:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 453931
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C3BE 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a439166e3b95fb79ecf2597a1ca404fc921d21cfe8b924d239b5791b1f9015c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E380
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWj3HSWkdYRYu8lOgIHTMI&google_cver=1

43 B
894 B

15ms
15ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWj3HSWkdYRYu8lOgIHTMI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMnRvNQCEJP9zuICGL2BgbIBMAE&v=APEucNVxxVMlCvul3vIV1AF5pxxcS0_l39WCH9wwR0eVFwKWWFBN2OvH4bKQ5R7n0inmgTI8JAkhf6elx2i1o0Hd8709liVYXQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 03:35:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 15 Sep 2021 03:35:21 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWj3HSWkdYRYu8lOgIHTMI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E380
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUFp.fZzcOxc86B1ioVOFQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWj3HSWkdYRYu8lOgIHTMI&google_cver=1&google_hm=2

43 B
894 B

23ms
11ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWj3HSWkdYRYu8lOgIHTMI&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMnRvNQCEJP9zuICGL2BgbIBMAE&v=APEucNVxxVMlCvul3vIV1AF5pxxcS0_l39WCH9wwR0eVFwKWWFBN2OvH4bKQ5R7n0inmgTI8JAkhf6elx2i1o0Hd8709liVYXQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 03:35:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 15 Sep 2021 03:35:21 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWj3HSWkdYRYu8lOgIHTMI&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E380
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBVP5AFEuPf-M0yZq8n4XXo&google_cver=1

43 B
1006 B

7ms
6ms

Image
image/gif

37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBVP5AFEuPf-M0yZq8n4XXo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMnRvNQCEJP9zuICGL2BgbIBMAE&v=APEucNVxxVMlCvul3vIV1AF5pxxcS0_l39WCH9wwR0eVFwKWWFBN2OvH4bKQ5R7n0inmgTI8JAkhf6elx2i1o0Hd8709liVYXQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 03:35:21 GMT
X-Proxy-Origin: 216.131.114.73; 216.131.114.73; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 84de152f-d0ba-4654-9e58-4c9a24714694
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBVP5AFEuPf-M0yZq8n4XXo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E380
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMyMjg5NjUwNzI5NjMwNzM4Nw%3D%3D

170 B
243 B

58ms
29ms

Image
image/png

142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMyMjg5NjUwNzI5NjMwNzM4Nw%3D%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 03:35:21 GMT
X-Proxy-Origin: 216.131.114.73; 216.131.114.73; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 2df00be7-1565-437c-bcbb-d96c7d404c3e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMyMjg5NjUwNzI5NjMwNzM4Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7EF3 3 KB
578 B 38ms
38ms Stylesheet
text/css 142.250.200.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 03:02:02 GMT
server: ESF
date: Wed, 15 Sep 2021 03:35:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 03:35:21 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 7EF3 1 KB
857 B 19ms
19ms Script
text/javascript 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:17:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 03:17:21 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/ Frame 7EF3 18 KB
7 KB 19ms
19ms Script
text/javascript 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 00:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 7316329070599479730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 00:34:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 7EF3 2 KB
1 KB 19ms
19ms Script
text/javascript 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 03:11:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7EF3 125 KB
38 KB 32ms
31ms Script
text/javascript 142.250.187.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38646
x-xss-protection: 0
server: sffe
etag: "1631547526571764"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 15 Sep 2021 03:35:21 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 7EF3 14 KB
6 KB 20ms
19ms Script
text/javascript 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 02:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 02:34:20 GMT

GET
H3 200 8b8c639f95e935c054a6465040a495ee.js Show response
www.gstatic.com/mysidia/ Frame 7EF3 26 KB
11 KB 63ms
28ms Script
text/javascript 172.217.16.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:57:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 571054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10883
x-xss-protection: 0
last-modified: Fri, 03 Sep 2021 02:45:39 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 Dec 2021 12:57:47 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C3BE 0
23 B 32ms
32ms Ping
image/gif 142.250.187.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: controldenied.info
URL: https://controldenied.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 03:35:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js Show response
pagead2.googlesyndication.com/bg/ Frame A767 35 KB
13 KB 19ms
18ms Script
text/javascript 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 06:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13458
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 06:20:43 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B810 143 B
163 B 19ms
18ms Document
text/html 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/html/r20210913/r20110914/zrt_lookup.html?fsb=1
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnt8eBjQDRJz9-nunZKrKVcWowINdu2rw_wIO8_Deue7vQ1ewHoPKn8a7vT
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20210913/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 15 Sep 2021 03:02:00 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B810
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

25ms
25ms

Document
text/html

172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnt8eBjQDRJz9-nunZKrKVcWowINdu2rw_wIO8_Deue7vQ1ewHoPKn8a7vT
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 15 Sep 2021 03:35:21 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 15-Sep-2021 04:35:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 15 Sep 2021 03:35:21 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 15 Sep 2021 03:35:21 GMT
server: safe
content-length: 257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A767 0
20 B 32ms
31ms Image
image/gif 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeFxN-GlBYfLtJdCT-wbK6proBAAAAAA4AeAEAg&bg=!09Cl0JTNAAYT0U73E9E7ACkAdvg8Ws64xREJEzKf0nGs-Bp0FaT7ysmHqS8jNuRbHIHaF8GUNCwPuQIAAABvUgAAAAtoAQcKALZ6A3XBGLjCe-grGJSo0lEMbTjE7wSRQ0YyrbicqQbtvU5Zd-RRXahw4RWzxqhA-_IEEpAc7jMmL_z8qV-NzydvY8sR5f7xyZr79rEmRaGLhSM63KhrxoRzAEkzjxT8Uq3YRlvkD7vLNIWHBfPuEkibBf2LFt28tD2ivkx7kJ4-Aduy7gxcukGOb8-5lFTeZNg0g6Mgj_41CWbdhGttk7F4ul-Pza-IqARaJUFO6CjISqoQpxGEaZkCx8yGT3bUryJSOsQgTiDN-rqxOskoJC5cGf8Kll-D9cm0jL0LxcyKf8-W_L8ULR2l6EbCPxMxKOLHsWt4xyCZ5CwM87nXAM6qhQTipV2CtnVI0GFEWNAJyKAUPeDl1rYxKnyqtxqtUKN3SmeGEo5yKo_l_z6FqOCuHfjz0Yxv8g1J9wrkB2n_wYSt0iw_N5ayZzDrRZZG0z_crzW_RKr2gyUhiMSIqm7VdlhF2LAXEjPvjgO_C5uvlQaIZCG61hXqU5RBSSQVEFOhj1hO5EYHmVC4rfXXRoCgxKC1NNx_WpJAH0DelRBc4oIQHig3m7B-VforHYH2UMzT6-TDWDP0IALx_AHnR1Sz2UWY0JCFQggsS0BL1DsSDVvpzpLF-q0WtSlHUf7uizJ9fwRqkcISPeGCOwaGPjSMSoiK_g6Fbv4VJ99s3wKecl5ecMmW2eNETFkVFrZshVaGNLOCaS_bKORisgzOkE-ESCcYvltAgYlJvXt3AZAf-Hjks0gDhzN2B3z75Yvt79gLsYOJrrzE_eO6Hl62TKEhR4Zb5Uf4tjUtr13unuXgIu9VEKy5WP1GLcXD8_RwRRcFVb8H_bWjVT2PJNhDGI5NM1CUu-OaEQOaZTKOnCOmNPmwczOpaEr6oedAu9RAUuvXg79iURMiFjPw3_eQOUVYZc_Dh7szRwu-5vF_tLfI_bnocZDXySrnQWMtOtvHUE_J6fKlDogzuUoP3NeTRmLca0aOwS0Prpwve-Sm7-7G1Xa8APS54FO8C1Ci0E6-ScR7HwnqQSc1RyxdooPtD_tmws9_JbZ_HOm8whIW7K_PBKYGC9dHcQN4V6ao6SfmeMGpuPQtCwzw3I6FjJG4EfWgbLewA_STIjo5xSI2P0M96c4jXmeL5mWjpMYiMdPughrlQeYEE6w29Ei8s57ZlXMb1YsTssLlrqzmg5Zb67LiCA

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DAE 42 B
63 B 29ms
28ms Image
image/gif 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CxctRh9PSpugdYpBw1jEoeEiksPguwBTgNxTFwHdoMsfAdQEO07qFIiVDxgYJ96pt6Z2Dqnp3Wrv7gnSUTxkBjV36xZYqwgp2-GJoQZXHvxwkmsTg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6885199190131478&output=html&h=600&adk=3558069443&adf=3009579419&pi=t.aa~a.70584127~rp.1&w=243&fwrn=4&fwrnh=100&lmt=1631676921&rafmt=1&to=qs&pwprc=5808066281&psa=0&format=243x600&url=https%3A%2F%2Fcontroldenied.info%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631676921228&bpp=1&bdt=4348&idt=1&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df303dc383b6cd1b0-22fa7dc431cb0048%3AT%3D1631676920%3ART%3D1631676920%3AS%3DALNI_MY2_Ko1UjW517TIQz6xtzosD-6bgA&prev_fmts=0x0%2C1170x280&nras=3&correlator=6077576201380&frm=20&pv=1&ga_vid=876403886.1631676920&ga_sid=1631676921&ga_hid=1641021586&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1118&ady=1700&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526%2C31062297&oid=3&pvsid=2307059306696604&pem=973&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Rt6Wdthl0f&p=https%3A//controldenied.info&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 9DAE 2 KB
1 KB 19ms
19ms Script
text/javascript 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 03:11:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9DAE 125 KB
38 KB 25ms
24ms Script
text/javascript 142.250.187.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38646
x-xss-protection: 0
server: sffe
etag: "1631547526571764"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 15 Sep 2021 03:35:21 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 9DAE 14 KB
6 KB 19ms
19ms Script
text/javascript 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 02:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 02:34:20 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 08AC 624 B
297 B 31ms
30ms Document
text/html 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2VFxDq2JIBGNGSv6IBMAE&v=APEucNVN4oiPV-eLExQwqeWUGrMZgWgqezbsihjKl8PTce5-21p_3woXBlAP6KTE8gRdpQunIN9f5h3Pyi1nXRf-HOUnedp2LQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CI2VFxDq2JIBGNGSv6IBMAE&v=APEucNVN4oiPV-eLExQwqeWUGrMZgWgqezbsihjKl8PTce5-21p_3woXBlAP6KTE8gRdpQunIN9f5h3Pyi1nXRf-HOUnedp2LQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6885199190131478&output=html&h=600&adk=3558069443&adf=3009579419&pi=t.aa~a.70584127~rp.1&w=243&fwrn=4&fwrnh=100&lmt=1631676921&rafmt=1&to=qs&pwprc=5808066281&psa=0&format=243x600&url=https%3A%2F%2Fcontroldenied.info%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631676921228&bpp=1&bdt=4348&idt=1&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df303dc383b6cd1b0-22fa7dc431cb0048%3AT%3D1631676920%3ART%3D1631676920%3AS%3DALNI_MY2_Ko1UjW517TIQz6xtzosD-6bgA&prev_fmts=0x0%2C1170x280&nras=3&correlator=6077576201380&frm=20&pv=1&ga_vid=876403886.1631676920&ga_sid=1631676921&ga_hid=1641021586&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1118&ady=1700&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526%2C31062297&oid=3&pvsid=2307059306696604&pem=973&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Rt6Wdthl0f&p=https%3A//controldenied.info&dtd=22
accept-encoding: gzip, deflate, br
cookie: DSID=NO_DATA; IDE=AHWqTUkgJOiGnYWe3vL_JRruNSEPbjh2d_z307hskI8MzB9DLt1c1erj4AE7uxF2oMQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6885199190131478&output=html&h=600&adk=3558069443&adf=3009579419&pi=t.aa~a.70584127~rp.1&w=243&fwrn=4&fwrnh=100&lmt=1631676921&rafmt=1&to=qs&pwprc=5808066281&psa=0&format=243x600&url=https%3A%2F%2Fcontroldenied.info%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631676921228&bpp=1&bdt=4348&idt=1&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df303dc383b6cd1b0-22fa7dc431cb0048%3AT%3D1631676920%3ART%3D1631676920%3AS%3DALNI_MY2_Ko1UjW517TIQz6xtzosD-6bgA&prev_fmts=0x0%2C1170x280&nras=3&correlator=6077576201380&frm=20&pv=1&ga_vid=876403886.1631676920&ga_sid=1631676921&ga_hid=1641021586&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1118&ady=1700&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526%2C31062297&oid=3&pvsid=2307059306696604&pem=973&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Rt6Wdthl0f&p=https%3A//controldenied.info&dtd=22

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 15 Sep 2021 03:35:21 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9DAE 70 KB
28 KB 57ms
57ms Script
text/javascript 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BbdjyqXjDz3qMrpnMi8VX9uU5H42SzalQLzLSr9BXMbcqhwcvhYZU3yyJTEjNEPZ5XmonnEr59H4Q-tpNlXla3xSMKBaCjffeAJJOYRsKD4DzjLJz90E9vfwMzpnBXEy3NSzQl9YN6CetTd1PBQwLFg8QQzA&dbm_d=AKAmf-AZnpVdCDRelOMj2WUHhqFi8C4nIWu3kg89CJEOt5Lu_eFLmEFz5RGXEKd5S2Eo56hX4O_n0J6O5Rnrx521mp6W-puGsW5CIfj_IPhzZrM8uI8V9M75u4sNIn5mQFB9sPZk0WLHteXcTD_xz6SwzRq7pgPKkrCzHtUUuZ-DyHdtz3edqfPvx8nCoy3T0XVN6f8r_c5f3KpF5mIaZIMbIfeSBIT4ljg8bUFZF8KQYnfN262sJGl2XTm4k0bUqwF_8U5aC6V1pFsPrgZdSCyIknHUcEUU4jT_ObjdsQD_pUaSbvEm3lELK3CFa36bq5lt-7GMs4x2gFIZcKTQib7kq2WbaJuhCgQEK2SkvTyOloeata-GS_dlKFOAmhejUa0vQB_4-SBufBcWEx7ZvYF8LAj3zNw0AEf4Jip339CxGNrb-TOjWLzeww0F7k7E4GCOkk7mf-IZbiKu4aqxOXLe_0nlDjFrjfh5xDv8ttly_ov505VSE3EZgw41UOZ4fD1PwRoxAvjBe-ekm7Q7s--EzMEjoRQcr-c20h_r8dRFnfg9m0WsG7uSxhrgJi1WvzPFR1HIp0CJCkxnqiDcLmystMlQUj5wEN8wfb2mc68UYsnkZblr8C9zHzcVUJ8_pTwVZHobEun4rprusv-qrun3nDYORTagU_BevCf1mK_QLftdJ0NQnH_W4y_EvtmT4JUzvAD3rIKraZzYd6BY65QH1D0U6DMnFytliB_PiF7Syk1Q6CGzvNGollI_dzFVpd4IgmC_U7U2uIMGAXmRdZ5IpNB1pe8wIZwyLAvYaW_plOpUnMCpWvNljeHy-8fT2Qhdd1YJDQsj4uJ4x0g1E4kN_7NVRNCi4IVoe-tgSgFHqz3HZYIhMylDIeVnjO6_OMVOFo3nOBTTRJm3sfN6xGcJwq5cled7Dgpn-SUYDn03pdGWbvA3miPem356sRnHYpDO9IMSl6Nz-ELwN-QrJPnBzPNAy-XU9bhcyU1A3Pt-GO8TGHnoj_DdsUpuSHMB4cO00GUpQzuDSJWkrSvUxOw4FedaK_bhuI4AA4vmsMKIOu31JBYRFz3dTEE9wWemV7gujQ7Q-fdKMi45i_DOlhsbOUyIEQxbtcXRmGS_OPfgvb5PQkE567MLsOI6tags5ursuEEEhS-2rD2tXNGH19c8A8EoANY6Uu3YZXxesMGOF3GXhh1aPktSPSXMA9jofiZFwTvy3legjapDhMXAaiOTqXeHT7k-Bn-EO5aB8zH1ltNVbMOxYDDqgwSnwx7quR8wcuoF0SAhQitjErptF__uWTwG691DTTCVxJ8vKmeuv0ncZL29J_pV-1n_GzkOrZ2UtxkMUjRn53kcB1A00i1Mu0NNNW8FcTkmBoIVrb7X3N6AXcUZ6Jl06SHyMQ_6M7n9xsB25aS9uiq65-Hh7kNB_1vR546OxX1wtXGCYo4sWiiNlkpXdxFs-1FqzljqytSu9aUGDEsIKlNGR6lR7TRUNNCehJr_0pPkSC_dxPRF_NiKcnl5RajCmopLWAFppnMPQqrg2AoM5MeWOZRpsN3BgwSZjBWJYZjNZSIcaRjHbwXQG42wX4vzHd1E2AB8ADJsPY0Xkp78YkEGx-9mYXQnQwvtlEhO7N9b4tCm4YlAEQrNat0YG5sYwakvz9XPseHdTi1V1Jsj1DesLUeDG7PaSy3SjWNy06wn_lpvl7GNlv7DrsaD28rWsbTw3BJ9kJYtgwQD9eHCKpzjn8zvROG1nzQgEIWDRkzBotwYxQOE9VeVVU83xRefZHdQBj4WnY8Lqr_pr7nRR_ixgklNkfVBfQ-5VHYTeq1SeKTN-jPBc3J7RpGRQZMh8oaiaJNrXqlEWqsOyhqrEhPjYeKUYGzCr-61-m_zdlh4bl4BQ0iWl-xLgq8FqTHzoa_knc051go4BJJazXi7nZV5ssjkaFwMhJT2-53ditaq6xxyrogfdlzxeU_5uB03zNMQrIdvXWTyXWVCQrri6EgluCd9JP9M9JUqULMTPLlWwGgarzxy37J8eIhL-bwWzsMt6kqkYAcLALBPcqgepmn7bAWyA-8q2B3TYOBJtiCs3O0uB9PAqA3ZM6cfQmbrZhAwzuWtQtWp5WjCPmDWEy8UfAIxM0_Un5Kn1KSJ2CedQRAcugo6EPzjPiFx6vkUaylq0ChpCnYsyd-12uFGH--FhrKVzskDm7m37Awwq8pKK3moNBoZnTsKA53p4bWMBKpYZsNIghQe4u0IfENKw8iXsoCiNMHLBSF8i5y_wauwLj8d_QAmG8ZC-sJ2fpTt_QekuwxV5oemAo5cXOhd4DIlbY_ATo8uFVFTsF_p6bNvp3g4zLmcwt96YkVlfkV1qZ_wDpdr4ZTnhBoRVkZhxx-rix4rJIKTr6SmqY6Z4Bp4xt_7PwaPrtDRGu-7_4UlUC7k1-PAwu4rGxYZ5_c-jOqagal-9bCnBo9dEAaNLflhKFbwCHhUV6x1xLqGMGaYYkRpQ5s8w4sSeFkzHLuxO0BJb0qciIhQf9RS-CjWY8PznK0s513eJp58EBx79T9vYpLs9V9pteSd4so-yDg36XE776kpO1aSIUrPmqCzcxNfTVDW0P-MTetlQnNOmIcJwV1wYUWcx4SALiJ-3Whv9yEgw5ikZQZTpwhKKhZbFeXmccqXKs83-aqZor3AKGY7EF0LjSfHWLKUKyiFQv0C4fZ_6poeatVrqYYDsIBYI7LTHTJ8DwagmyXzkXMuxy-Jtv6654_cWzdovtyXoCx_E-1pPcUDi5FEMCADQ8CWC6Wp9nQTnmu9BthNOpQDiJANTNgp-zfWtMoT3bcpy26A&cid=CAASEuRoPxqBn-YcQXiv9NgiAtPceA&rfl=1%2Chttps%253A%252F%252Fcontroldenied.info%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f2bc1cb82123da124d49579e12351385ac98d04c1de7e065a41bef87bf39bbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6885199190131478&output=html&h=600&adk=3558069443&adf=3009579419&pi=t.aa~a.70584127~rp.1&w=243&fwrn=4&fwrnh=100&lmt=1631676921&rafmt=1&to=qs&pwprc=5808066281&psa=0&format=243x600&url=https%3A%2F%2Fcontroldenied.info%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631676921228&bpp=1&bdt=4348&idt=1&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df303dc383b6cd1b0-22fa7dc431cb0048%3AT%3D1631676920%3ART%3D1631676920%3AS%3DALNI_MY2_Ko1UjW517TIQz6xtzosD-6bgA&prev_fmts=0x0%2C1170x280&nras=3&correlator=6077576201380&frm=20&pv=1&ga_vid=876403886.1631676920&ga_sid=1631676921&ga_hid=1641021586&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1118&ady=1700&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526%2C31062297&oid=3&pvsid=2307059306696604&pem=973&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Rt6Wdthl0f&p=https%3A//controldenied.info&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28374
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 08AC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_dbm=&google_tc=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=3

43 B
315 B

10ms
10ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2VFxDq2JIBGNGSv6IBMAE&v=APEucNVN4oiPV-eLExQwqeWUGrMZgWgqezbsihjKl8PTce5-21p_3woXBlAP6KTE8gRdpQunIN9f5h3Pyi1nXRf-HOUnedp2LQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 03:35:22 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 15 Sep 2021 03:35:22 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 287
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 08AC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUFp.fZzcOxc86B1ioVOFQAA
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_hm=YUFp.fZzcOxc86B1ioVOFQAA&google_tc=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=3

43 B
315 B

10ms
9ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2VFxDq2JIBGNGSv6IBMAE&v=APEucNVN4oiPV-eLExQwqeWUGrMZgWgqezbsihjKl8PTce5-21p_3woXBlAP6KTE8gRdpQunIN9f5h3Pyi1nXRf-HOUnedp2LQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 03:35:22 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 15 Sep 2021 03:35:22 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 287
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08AC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm=&google_dbm=&google_tc=

170 B
188 B

39ms
39ms

Image
image/png

142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm=&google_dbm=&google_tc=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2VFxDq2JIBGNGSv6IBMAE&v=APEucNVN4oiPV-eLExQwqeWUGrMZgWgqezbsihjKl8PTce5-21p_3woXBlAP6KTE8gRdpQunIN9f5h3Pyi1nXRf-HOUnedp2LQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm=&google_dbm=&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 297
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08AC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMyMjg5NjUwNzI5NjMwNzM4Nw%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMyMjg5NjUwNzI5NjMwNzM4Nw%3D%3D&google_tc=

170 B
188 B

38ms
37ms

Image
image/png

142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMyMjg5NjUwNzI5NjMwNzM4Nw%3D%3D&google_tc=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMyMjg5NjUwNzI5NjMwNzM4Nw%3D%3D&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 9DAE 114 KB
39 KB 57ms
25ms Script
text/javascript 142.250.180.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: controldenied.info
URL: https://controldenied.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Sep 2021 03:00:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210913/r20110914/elements/html/ Frame 9DAE 8 KB
3 KB 19ms
18ms Script
text/javascript 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210913/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BbdjyqXjDz3qMrpnMi8VX9uU5H42SzalQLzLSr9BXMbcqhwcvhYZU3yyJTEjNEPZ5XmonnEr59H4Q-tpNlXla3xSMKBaCjffeAJJOYRsKD4DzjLJz90E9vfwMzpnBXEy3NSzQl9YN6CetTd1PBQwLFg8QQzA&dbm_d=AKAmf-AZnpVdCDRelOMj2WUHhqFi8C4nIWu3kg89CJEOt5Lu_eFLmEFz5RGXEKd5S2Eo56hX4O_n0J6O5Rnrx521mp6W-puGsW5CIfj_IPhzZrM8uI8V9M75u4sNIn5mQFB9sPZk0WLHteXcTD_xz6SwzRq7pgPKkrCzHtUUuZ-DyHdtz3edqfPvx8nCoy3T0XVN6f8r_c5f3KpF5mIaZIMbIfeSBIT4ljg8bUFZF8KQYnfN262sJGl2XTm4k0bUqwF_8U5aC6V1pFsPrgZdSCyIknHUcEUU4jT_ObjdsQD_pUaSbvEm3lELK3CFa36bq5lt-7GMs4x2gFIZcKTQib7kq2WbaJuhCgQEK2SkvTyOloeata-GS_dlKFOAmhejUa0vQB_4-SBufBcWEx7ZvYF8LAj3zNw0AEf4Jip339CxGNrb-TOjWLzeww0F7k7E4GCOkk7mf-IZbiKu4aqxOXLe_0nlDjFrjfh5xDv8ttly_ov505VSE3EZgw41UOZ4fD1PwRoxAvjBe-ekm7Q7s--EzMEjoRQcr-c20h_r8dRFnfg9m0WsG7uSxhrgJi1WvzPFR1HIp0CJCkxnqiDcLmystMlQUj5wEN8wfb2mc68UYsnkZblr8C9zHzcVUJ8_pTwVZHobEun4rprusv-qrun3nDYORTagU_BevCf1mK_QLftdJ0NQnH_W4y_EvtmT4JUzvAD3rIKraZzYd6BY65QH1D0U6DMnFytliB_PiF7Syk1Q6CGzvNGollI_dzFVpd4IgmC_U7U2uIMGAXmRdZ5IpNB1pe8wIZwyLAvYaW_plOpUnMCpWvNljeHy-8fT2Qhdd1YJDQsj4uJ4x0g1E4kN_7NVRNCi4IVoe-tgSgFHqz3HZYIhMylDIeVnjO6_OMVOFo3nOBTTRJm3sfN6xGcJwq5cled7Dgpn-SUYDn03pdGWbvA3miPem356sRnHYpDO9IMSl6Nz-ELwN-QrJPnBzPNAy-XU9bhcyU1A3Pt-GO8TGHnoj_DdsUpuSHMB4cO00GUpQzuDSJWkrSvUxOw4FedaK_bhuI4AA4vmsMKIOu31JBYRFz3dTEE9wWemV7gujQ7Q-fdKMi45i_DOlhsbOUyIEQxbtcXRmGS_OPfgvb5PQkE567MLsOI6tags5ursuEEEhS-2rD2tXNGH19c8A8EoANY6Uu3YZXxesMGOF3GXhh1aPktSPSXMA9jofiZFwTvy3legjapDhMXAaiOTqXeHT7k-Bn-EO5aB8zH1ltNVbMOxYDDqgwSnwx7quR8wcuoF0SAhQitjErptF__uWTwG691DTTCVxJ8vKmeuv0ncZL29J_pV-1n_GzkOrZ2UtxkMUjRn53kcB1A00i1Mu0NNNW8FcTkmBoIVrb7X3N6AXcUZ6Jl06SHyMQ_6M7n9xsB25aS9uiq65-Hh7kNB_1vR546OxX1wtXGCYo4sWiiNlkpXdxFs-1FqzljqytSu9aUGDEsIKlNGR6lR7TRUNNCehJr_0pPkSC_dxPRF_NiKcnl5RajCmopLWAFppnMPQqrg2AoM5MeWOZRpsN3BgwSZjBWJYZjNZSIcaRjHbwXQG42wX4vzHd1E2AB8ADJsPY0Xkp78YkEGx-9mYXQnQwvtlEhO7N9b4tCm4YlAEQrNat0YG5sYwakvz9XPseHdTi1V1Jsj1DesLUeDG7PaSy3SjWNy06wn_lpvl7GNlv7DrsaD28rWsbTw3BJ9kJYtgwQD9eHCKpzjn8zvROG1nzQgEIWDRkzBotwYxQOE9VeVVU83xRefZHdQBj4WnY8Lqr_pr7nRR_ixgklNkfVBfQ-5VHYTeq1SeKTN-jPBc3J7RpGRQZMh8oaiaJNrXqlEWqsOyhqrEhPjYeKUYGzCr-61-m_zdlh4bl4BQ0iWl-xLgq8FqTHzoa_knc051go4BJJazXi7nZV5ssjkaFwMhJT2-53ditaq6xxyrogfdlzxeU_5uB03zNMQrIdvXWTyXWVCQrri6EgluCd9JP9M9JUqULMTPLlWwGgarzxy37J8eIhL-bwWzsMt6kqkYAcLALBPcqgepmn7bAWyA-8q2B3TYOBJtiCs3O0uB9PAqA3ZM6cfQmbrZhAwzuWtQtWp5WjCPmDWEy8UfAIxM0_Un5Kn1KSJ2CedQRAcugo6EPzjPiFx6vkUaylq0ChpCnYsyd-12uFGH--FhrKVzskDm7m37Awwq8pKK3moNBoZnTsKA53p4bWMBKpYZsNIghQe4u0IfENKw8iXsoCiNMHLBSF8i5y_wauwLj8d_QAmG8ZC-sJ2fpTt_QekuwxV5oemAo5cXOhd4DIlbY_ATo8uFVFTsF_p6bNvp3g4zLmcwt96YkVlfkV1qZ_wDpdr4ZTnhBoRVkZhxx-rix4rJIKTr6SmqY6Z4Bp4xt_7PwaPrtDRGu-7_4UlUC7k1-PAwu4rGxYZ5_c-jOqagal-9bCnBo9dEAaNLflhKFbwCHhUV6x1xLqGMGaYYkRpQ5s8w4sSeFkzHLuxO0BJb0qciIhQf9RS-CjWY8PznK0s513eJp58EBx79T9vYpLs9V9pteSd4so-yDg36XE776kpO1aSIUrPmqCzcxNfTVDW0P-MTetlQnNOmIcJwV1wYUWcx4SALiJ-3Whv9yEgw5ikZQZTpwhKKhZbFeXmccqXKs83-aqZor3AKGY7EF0LjSfHWLKUKyiFQv0C4fZ_6poeatVrqYYDsIBYI7LTHTJ8DwagmyXzkXMuxy-Jtv6654_cWzdovtyXoCx_E-1pPcUDi5FEMCADQ8CWC6Wp9nQTnmu9BthNOpQDiJANTNgp-zfWtMoT3bcpy26A&cid=CAASEuRoPxqBn-YcQXiv9NgiAtPceA&rfl=1%2Chttps%253A%252F%252Fcontroldenied.info%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 03:00:47 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210913/r20110914/ Frame 9DAE 23 KB
9 KB 19ms
18ms Script
text/javascript 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210913/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

574d0f8eeef6741771d3cef0cc4869634263181bbf42de1e93ca22dcae36d8e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:17:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1065
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9215
x-xss-protection: 0
server: cafe
etag: 10665788317172091938
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 03:17:36 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9DAE 41 KB
15 KB 20ms
19ms Script
text/javascript 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 21:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453933
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Sep 2022 21:29:49 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4B4B 1 KB
755 B 19ms
18ms Document
text/html 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 14 Sep 2021 13:05:23 GMT
expires: Wed, 15 Sep 2021 13:05:23 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 52199
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9DAE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d0679990d0c52517576c1ae2bb0ba3b0dd7ebdd4f7bd7bfd05cf89ed321b1b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AAFE 22 KB
8 KB 19ms
19ms Document
text/html 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 09 Sep 2021 21:29:50 GMT
expires: Fri, 09 Sep 2022 21:29:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 453932
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame 5E46 3 KB
578 B 36ms
36ms Stylesheet
text/css 142.250.200.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6885199190131478&output=html&h=280&adk=1323962898&adf=753656237&pi=t.aa~a.2888210779~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1631676921&rafmt=1&to=qs&pwprc=5808066281&psa=0&format=1170x280&url=https%3A%2F%2Fcontroldenied.info%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631676921228&bpp=1&bdt=4349&idt=-M&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df303dc383b6cd1b0-22fa7dc431cb0048%3AT%3D1631676920%3ART%3D1631676920%3AS%3DALNI_MY2_Ko1UjW517TIQz6xtzosD-6bgA&prev_fmts=0x0&nras=2&correlator=6077576201380&frm=20&pv=1&ga_vid=876403886.1631676920&ga_sid=1631676921&ga_hid=1641021586&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=215&ady=1297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526%2C31062297&oid=3&pvsid=2307059306696604&pem=973&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=lxvmfAM4T0&p=https%3A//controldenied.info&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 02:59:39 GMT
server: ESF
date: Wed, 15 Sep 2021 03:35:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 03:35:22 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 5E46 1 KB
857 B 19ms
19ms Script
text/javascript 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:17:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1081
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 03:17:21 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/ Frame 5E46 18 KB
7 KB 19ms
19ms Script
text/javascript 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 00:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10823
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 7316329070599479730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 00:34:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 5E46 2 KB
1 KB 23ms
23ms Script
text/javascript 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1419
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 03:11:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E46 125 KB
38 KB 27ms
26ms Script
text/javascript 142.250.187.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38646
x-xss-protection: 0
server: sffe
etag: "1631547526571764"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 15 Sep 2021 03:35:22 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 5E46 14 KB
6 KB 20ms
20ms Script
text/javascript 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 02:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3662
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 02:34:20 GMT

GET
H3 200 8b8c639f95e935c054a6465040a495ee.js Show response
www.gstatic.com/mysidia/ Frame 5E46 26 KB
11 KB 28ms
28ms Script
text/javascript 172.217.16.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 12:57:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 571055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10883
x-xss-protection: 0
last-modified: Fri, 03 Sep 2021 02:45:39 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 07 Dec 2021 12:57:47 GMT

GET
H3

200

B25227074.298658111;dc_pre=CMuf0JqGgPMCFZGL1Qodzm0AuA;dc_trk_aid=491903284;dc_trk_cid=147919099;ord=505884088;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/ Frame 5E46
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B25227074.298658111;dc_trk_aid=491903284;dc_trk_cid=147919099;ord=505884088;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=...
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B25227074.298658111;dc_pre=CMuf0JqGgPMCFZGL1Qodzm0AuA;dc_trk_aid=491903284;dc_trk_cid=147919099;ord=505884088;dc_lat=;dc_rdid=;tag_for_chi...

42 B
63 B

44ms
43ms

Fetch
image/gif

142.250.180.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B25227074.298658111;dc_pre=CMuf0JqGgPMCFZGL1Qodzm0AuA;dc_trk_aid=491903284;dc_trk_cid=147919099;ord=505884088;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:22 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B25227074.298658111;dc_pre=CMuf0JqGgPMCFZGL1Qodzm0AuA;dc_trk_aid=491903284;dc_trk_cid=147919099;ord=505884088;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5E46 0
0 32ms
31ms Fetch
text/html 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFpYq-WlBYfT_EJ673wPFnpMonf6uqWSs3s_rvA3Fjuuq-yEQASCTm8B_YMkGoAHS-MviA8gBCagDAcgDywSqBL8BT9DaPkSEg2rd5JNE2KpsBfVwb-wY_rvNAkE4WW4G7CpfMfgbVBxYN0vCyK2OWn7qctLEmI4GA91Pp7MBwLMpBxtWRpAAYZOPcbv_dM1f-x5Swse_kSlxSutHQhkYV_u-pTlQkqkhRDlMhyY-a0pzAHQlsBCRipKVc0vU1APZJTnDX0t95e-mIif6kUgaYyYXY19L6vBIVGfn45jtET5fhe7g7lCfmzUW8pP1za20_HtawHAUYU36E2A2frjf6QfABPuFjuOqA6AGLoAHwM7KIqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQyL0O0ggHCIBhEAEYH4AKAcgLAbgTiCfYEwOIFAHQFQGAFwGyFxwKGggAEhRwdWItNjg4NTE5OTE5MDEzMTQ3OBgA&sigh=ulq-g9ZRC6Q&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6885199190131478&output=html&h=280&adk=1323962898&adf=753656237&pi=t.aa~a.2888210779~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1631676921&rafmt=1&to=qs&pwprc=5808066281&psa=0&format=1170x280&url=https%3A%2F%2Fcontroldenied.info%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631676921228&bpp=1&bdt=4349&idt=-M&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df303dc383b6cd1b0-22fa7dc431cb0048%3AT%3D1631676920%3ART%3D1631676920%3AS%3DALNI_MY2_Ko1UjW517TIQz6xtzosD-6bgA&prev_fmts=0x0&nras=2&correlator=6077576201380&frm=20&pv=1&ga_vid=876403886.1631676920&ga_sid=1631676921&ga_hid=1641021586&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=215&ady=1297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526%2C31062297&oid=3&pvsid=2307059306696604&pem=973&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=lxvmfAM4T0&p=https%3A//controldenied.info&dtd=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 15 Sep 2021 03:35:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4B4B 35 B
463 B 34ms
8ms Image
image/gif 91.228.74.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIGszQ1SSAA1H2tF1oWQqiE&google_cver=1&google_push=AYg5qPKbfi9xaHlChuS4ezexJWvr-mvuTLV9175mWgYnW8avuJuqYl5nZWsvbekahH1pLa6OfxAhJpfLxL9miA5kMC_dPQEZsxMR

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 4B4B 43 B
606 B 74ms
25ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEDeJQVSAgDPP66hkE0fwAMo&google_push=AYg5qPLHkhBdL9hl95_SJ6MSvAiPVuPj4m6qOUlS3YSVBzfFKMyR64_jLHmeazg9g3EiCUTYQzAi5NFaiRvX6duMRVLcY00UmgVp&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6885199190131478&output=html&h=600&adk=3558069443&adf=3009579419&pi=t.aa~a.70584127~rp.1&w=243&fwrn=4&fwrnh=100&lmt=1631676921&rafmt=1&to=qs&pwprc=5808066281&psa=0&format=243x600&url=https%3A%2F%2Fcontroldenied.info%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631676921228&bpp=1&bdt=4348&idt=1&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df303dc383b6cd1b0-22fa7dc431cb0048%3AT%3D1631676920%3ART%3D1631676920%3AS%3DALNI_MY2_Ko1UjW517TIQz6xtzosD-6bgA&prev_fmts=0x0%2C1170x280&nras=3&correlator=6077576201380&frm=20&pv=1&ga_vid=876403886.1631676920&ga_sid=1631676921&ga_hid=1641021586&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1118&ady=1700&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526%2C31062297&oid=3&pvsid=2307059306696604&pem=973&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Rt6Wdthl0f&p=https%3A//controldenied.info&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:22 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B4B
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEN4GiE3weGy2tZaWJ9S5lJQ&google_cver=1&google_push=AYg5qPJ8J_vwonvN2TZBoLvrjvamnqIv7gsrvKakzL-4ynhMNsKoD_R0zkZpjMYBcpjZ5sjeIF8AC3MTrs9JmTJypN4h7GECCaRq
https://rtb.openx.net/sync/dds?google_gid=CAESEN4GiE3weGy2tZaWJ9S5lJQ&google_cver=1&google_push=AYg5qPJ8J_vwonvN2TZBoLvrjvamnqIv7gsrvKakzL-4ynhMNsKoD_R0zkZpjMYBcpjZ5sjeIF8AC3MTrs9JmTJypN4h7GECCaRq&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ8J_vwonvN2TZBoLvrjvamnqIv7gsrvKakzL-4ynhMNsKoD_R0zkZpjMYBcpjZ5sjeIF8AC3MTrs9JmTJypN4h7GECCaRq&google_hm=hi53YyeEzxQtRNhVNzegyQ==

170 B
188 B

38ms
38ms

Image
image/png

142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ8J_vwonvN2TZBoLvrjvamnqIv7gsrvKakzL-4ynhMNsKoD_R0zkZpjMYBcpjZ5sjeIF8AC3MTrs9JmTJypN4h7GECCaRq&google_hm=hi53YyeEzxQtRNhVNzegyQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:22 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ8J_vwonvN2TZBoLvrjvamnqIv7gsrvKakzL-4ynhMNsKoD_R0zkZpjMYBcpjZ5sjeIF8AC3MTrs9JmTJypN4h7GECCaRq&google_hm=hi53YyeEzxQtRNhVNzegyQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: tp1m5rl5qvtgub03u72dfm0ujsht93ap

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B4B
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ir_7CRkoQm6_9dNwvqvS-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

38ms
38ms

Image
image/png

142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ir_7CRkoQm6_9dNwvqvS-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLHRuNRWhmUBXA5htwxOOiB4DZgk80oQRXJWm3_adiLr8nCSi29lDNLYTEjiJvBaKnyr8XtWvxCNBYXwTwOrDVG5Gy-PwY

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Ir_7CRkoQm6_9dNwvqvS-Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLHRuNRWhmUBXA5htwxOOiB4DZgk80oQRXJWm3_adiLr8nCSi29lDNLYTEjiJvBaKnyr8XtWvxCNBYXwTwOrDVG5Gy-PwY
date: Wed, 15 Sep 2021 03:35:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B4B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKETacOCUgcwu2hr2Ehfh_Q&google_cver=1&google_push=AYg5qPLuWX-GEf1Pn2gsnCF7lGwycGEXmyFghnlV23ommmbMjWVTLeGOem8HhKgxN01dz_Z7g7q...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RLWUI2UVEtMjMtNjdGNw==&google_push=AYg5qPLuWX-GEf1Pn2gsnCF7lGwycGEXmyFghnlV23ommmbMjWVTLeGOem8HhKgxN01dz_Z7g7qK8g4vKQe0ii9qUO5GhoFs3dQe

170 B
188 B

39ms
39ms

Image
image/png

142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RLWUI2UVEtMjMtNjdGNw==&google_push=AYg5qPLuWX-GEf1Pn2gsnCF7lGwycGEXmyFghnlV23ommmbMjWVTLeGOem8HhKgxN01dz_Z7g7qK8g4vKQe0ii9qUO5GhoFs3dQe

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RLWUI2UVEtMjMtNjdGNw==&google_push=AYg5qPLuWX-GEf1Pn2gsnCF7lGwycGEXmyFghnlV23ommmbMjWVTLeGOem8HhKgxN01dz_Z7g7qK8g4vKQe0ii9qUO5GhoFs3dQe
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 4B4B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGF7nRG90dtfK5JcUQbkot0&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPK3otvgfYTsRcP1gv3qqglvPTMVyUJe-qMXfGO2jlauzP1GYcpKVbFT3ujRG_EUdjesmgruBptJCLFp007Jtz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPK3otvgfYTsRcP1gv3qqglvPTMVyUJe-qMXfGO2jlauzP1GYcpKVbFT3ujRG_EUdjesmgruBptJCLFp007Jtz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPK3otvgfYTsRcP1gv3qqglvPTMVyUJe-qMXfGO2jlauzP1GYcpKVbFT3ujRG_EUdjesmgruBptJCLFp007Jtz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPK3otvgfYTsRcP1gv3qqglvPTMVyUJe-qMXfGO2jlauzP1GYcpKVbFT3ujRG_EUdjesmgruBptJCLFp007Jtz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPK3otvgfYTsRcP1gv3qqglvPTMVyUJe-qMXfGO2jlauzP1GYcpKVbFT3ujRG_EUdjesmgruBptJCLFp007Jtz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPK3otvgfYTsRcP1gv3qqglvPTMVyUJe-qMXfGO2jlauzP1GYcpKVbFT3ujRG_EUdjesmgruBptJCLFp007Jtz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPK3otvgfYTsRcP1gv3qqglvPTMVyUJe-qMXfGO2jlauzP1GYcpKVbFT3ujRG_EUdjesmgruBptJCLFp007Jtz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPK3otvgfYTsRcP1gv3qqglvPTMVyUJe-qMXfGO2jlauzP1GYcpKVbFT3ujRG_EUdjesmgruBptJCLFp007Jtz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPK3otvgfYTsRcP1gv3qqglvPTMVyUJe-qMXfGO2jlauzP1GYcpKVbFT3ujRG_EUdjesmgruBptJCLFp007Jtz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPK3otvgfYTsRcP1gv3qqglvPTMVyUJe-qMXfGO2jlauzP1GYcpKVbFT3ujRG_EUdjesmgruBptJCLFp007Jtz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPK3otvgfYTsRcP1gv3qqglvPTMVyUJe-qMXfGO2jlauzP1GYcpKVbFT3ujRG_EUdjesmgruBptJCLFp007Jtz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPK3otvgfYTsRcP1gv3qqglvPTMVyUJe-qMXfGO2jlauzP1GYcpKVbFT3ujRG_EUdjesmgruBptJCLFp007Jtz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPK3otvgfYTsRcP1gv3qqglvPTMVyUJe-qMXfGO2jlauzP1GYcpKVbFT3ujRG_EUdjesmgruBptJCLFp007Jtz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPK3otvgfYTsRcP1gv3qqglvPTMVyUJe-qMXfGO2jlauzP1GYcpKVbFT3ujRG_EUdjesmgruBptJCLFp007Jtz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPK3otvgfYTsRcP1gv3qqglvPTMVyUJe-qMXfGO2jlauzP1GYcpKVbFT3ujRG_EUdjesmgruBptJCLFp007Jtz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPK3otvgfYTsRcP1gv3qqglvPTMVyUJe-qMXfGO2jlauzP1GYcpKVbFT3ujRG_EUdjesmgruBptJCLFp007Jtz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPK3otvgfYTsRcP1gv3qqglvPTMVyUJe-qMXfGO2jlauzP1GYcpKVbFT3ujRG_EUdjesmgruBptJCLFp007Jtz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPK3otvgfYTsRcP1gv3qqglvPTMVyUJe-qMXfGO2jlauzP1GYcpKVbFT3ujRG_EUdjesmgruBptJCLFp007Jtz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPK3otvgfYTsRcP1gv3qqglvPTMVyUJe-qMXfGO2jlauzP1GYcpKVbFT3ujRG_EUdjesmgruBptJCLFp007Jtz...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPK3otvgfYTsRcP1gv3qqglvPTMVyUJe-qMXfGO2jlauzP1GYcpKVbFT3ujRG_EUdjesmgruBptJCLFp007Jtz...

0
0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 4B4B 0
44 B 782ms
249ms Image
text/plain 52.199.44.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESECrIkddTu0RRnO1k-iQjwB0&google_cver=1&google_push=AYg5qPL5wV9odb9BXNG_H3HLvZd1k3iBj58AHD6ncXhXkEZX0nKNnZfkJ0AK3-MSHrpYWpj57ncIoyj4EqZfsZ4hbK23M3lERPIc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6885199190131478&output=html&h=600&adk=3558069443&adf=3009579419&pi=t.aa~a.70584127~rp.1&w=243&fwrn=4&fwrnh=100&lmt=1631676921&rafmt=1&to=qs&pwprc=5808066281&psa=0&format=243x600&url=https%3A%2F%2Fcontroldenied.info%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631676921228&bpp=1&bdt=4348&idt=1&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df303dc383b6cd1b0-22fa7dc431cb0048%3AT%3D1631676920%3ART%3D1631676920%3AS%3DALNI_MY2_Ko1UjW517TIQz6xtzosD-6bgA&prev_fmts=0x0%2C1170x280&nras=3&correlator=6077576201380&frm=20&pv=1&ga_vid=876403886.1631676920&ga_sid=1631676921&ga_hid=1641021586&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1118&ady=1700&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526%2C31062297&oid=3&pvsid=2307059306696604&pem=973&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Rt6Wdthl0f&p=https%3A//controldenied.info&dtd=22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.199.44.14 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-199-44-14.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:22 GMT
server: awselb/2.0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4B4B 0
12 B 35ms
35ms Image
text/html 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L2j6XBeqNzsGcCDm0f7WFpwBMp9giX6lkjm4gTkvG6Ypb9CNkVvJ4tX0DzkGYhreeoJvH5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6029546226627727132/ Frame 5E46 28 KB
28 KB 20ms
20ms Image
image/jpeg 142.250.180.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6029546226627727132/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa31ba059c74fce1b8d90739757bdb49ea83b5a76212271e9e44fed72350bbb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 06:38:16 GMT
x-content-type-options: nosniff
age: 161826
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28235
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 22:13:11 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 06:38:16 GMT

GET
DATA 200
OK truncated
/ Frame 5E46 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 index.html Show response
s0.2mdn.net/8316070/1612829183634/ Frame 4FBB 28 KB
10 KB 46ms
20ms Document
text/html 142.250.180.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8316070/1612829183634/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2147eb24eb903d394b019be35f98a352df71e0d9d9292ce186a43711eeb440b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /8316070/1612829183634/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 10091
date: Tue, 14 Sep 2021 09:05:43 GMT
expires: Wed, 15 Sep 2021 09:05:43 GMT
last-modified: Tue, 09 Feb 2021 00:06:23 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 66579
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9DAE 0
24 B 35ms
35ms Ping
image/gif 142.250.187.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQNPzYnEAh4c5Y6JUZLIXIGd6wpNYp2m-TcCwjdlMclwo1ZwLlBOWVlRaVOtOkKKZpJgNHbXinNhosmYKZtNCvyVqcuetghzNuGfKffbZiH4ELj4BNUzhIHO8p3CslYvdqct6x7cZR624SE1b6FqbmuOxGwfwquerh7I3zfGtt61KRmQE5T1Fus83yAYtjKmxdZPuBVqgVGbjRLtwc5aXsdI1KUMv2UagN0u_aP5LBJz4KnUMkRX1Ir0DFPULMUNAAOOMwxht5QRBR4mlZWnJJ8mj6akTGcP0uGhOKXGO8_4KzRvuPvv-FUvO9C-3bj7BFbrj78UChvhP6dX0RLm85M51BVD5gmZTo-CousBVN-pwzvn6zGSbUtY8-Hum1eFW-FgNKd5xBfBXn-x-qerniVHvroMXJwxRvL9RTAZynJhJ_X0t835VQRdz545ojyJn3B0v44OX5VZYFmn9YCn9aJcR09janUc7NfMoSomf_00G9S0_TFalv-UFc-_WDekgcPNOnDmY9tA3P1JImpeYp66P7wdXf6NmSGWFNotEuaXmrw9-tkzdyFxxmlGTYJqOXaRYSFGZvLayvD959cDajHEOSrHXFgFJFEdhGzI1-cLlzzLWuepws4s86H0EV-MtmIiEiJF0CgcYAhPUMBVWaWgBQHtA431knMRmIPEW5iyPl7f1yu8UCx0tXRCjfRCR0bNX-uMNtX4un0ilwmgIZzLAJWD7J_qTPcs2w2QAS-tsWa-s8kCyPIW1ig9UO-ijMkOIVT5OFzQ5HeFrwCARU2iA3N4c90YiH6TdwhPO_PlxH9dnXFXM1CNKwffFNJzS5xahEXLOeICRTKGh84I9JG_aghAUkR7h6HbDhxkYcMc8oSA3PPbpJQOQxA4LOtZPtpFlHR5lqFG62Vioj6rXUOtuQ7NdkdECIdJxAk55I56RtzyuNyMNsUEkU0Ib5-AzNDcer-dKadYVpvkDKx39UGwHiEEOfbN61z-RnI8n9rjzrX07JWYEtMnGfwxbQfiffFx3ctBp9JFUpP9FDAGG34aXmpGjY4p_tHr_Pd2vrNMVt4XVXlsN941orIo59ToTd1ulD9e1QKHFGBOPzZyjZMg&sai=AMfl-YQpY5RE5Tr39ZwSjwIFbOorNJqaSq1OpQSU6bfDF8ga8PXso4lwIp5EguBa-TJ18tWnsVuIon0XSBr90nTjNcTx3024avP7RhY23tXi2cg5PQwytP63hmr4IKBYKp7Kpx1PHPYNzhdMG7i49HM5MO9O7REVQw&sig=Cg0ArKJSzJws9-FNipnuEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=107&cbvp=1&cstd=105&cisv=r20210913.24182&adurl=

Requested by

Host: controldenied.info
URL: https://controldenied.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 15 Sep 2021 03:35:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK /
d.agkn.com/pixel/2387/ Frame 9DAE 43 B
662 B 68ms
8ms Image
image/gif 52.57.46.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/2387/?ct=US&st=&city=0&dma=0&zp=&bw=3&che=929877648&col=25566338,4489784,299581406,492774990,145934112
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6885199190131478&output=html&h=600&adk=3558069443&adf=3009579419&pi=t.aa~a.70584127~rp.1&w=243&fwrn=4&fwrnh=100&lmt=1631676921&rafmt=1&to=qs&pwprc=5808066281&psa=0&format=243x600&url=https%3A%2F%2Fcontroldenied.info%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631676921228&bpp=1&bdt=4348&idt=1&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df303dc383b6cd1b0-22fa7dc431cb0048%3AT%3D1631676920%3ART%3D1631676920%3AS%3DALNI_MY2_Ko1UjW517TIQz6xtzosD-6bgA&prev_fmts=0x0%2C1170x280&nras=3&correlator=6077576201380&frm=20&pv=1&ga_vid=876403886.1631676920&ga_sid=1631676921&ga_hid=1641021586&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1118&ady=1700&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526%2C31062297&oid=3&pvsid=2307059306696604&pem=973&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Rt6Wdthl0f&p=https%3A//controldenied.info&dtd=22
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.46.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-46-254.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 03:35:21 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 9DAE 0
338 B 99ms
29ms Image
text/plain 34.255.105.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?confid=ux5k5l91h&campaignid=25566338&advertiserid=8316070&placementid=299581406&adid=492774990&creativeid=145934112&siteid=4489784
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6885199190131478&output=html&h=600&adk=3558069443&adf=3009579419&pi=t.aa~a.70584127~rp.1&w=243&fwrn=4&fwrnh=100&lmt=1631676921&rafmt=1&to=qs&pwprc=5808066281&psa=0&format=243x600&url=https%3A%2F%2Fcontroldenied.info%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631676921228&bpp=1&bdt=4348&idt=1&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df303dc383b6cd1b0-22fa7dc431cb0048%3AT%3D1631676920%3ART%3D1631676920%3AS%3DALNI_MY2_Ko1UjW517TIQz6xtzosD-6bgA&prev_fmts=0x0%2C1170x280&nras=3&correlator=6077576201380&frm=20&pv=1&ga_vid=876403886.1631676920&ga_sid=1631676921&ga_hid=1641021586&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1118&ady=1700&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526%2C31062297&oid=3&pvsid=2307059306696604&pem=973&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Rt6Wdthl0f&p=https%3A//controldenied.info&dtd=22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.105.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-105-163.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:22 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1631676922
x-served-by: beacon-n014-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FA3B 1 KB
755 B 18ms
18ms Document
text/html 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 14 Sep 2021 13:05:23 GMT
expires: Wed, 15 Sep 2021 13:05:23 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 52199
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5E46 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18b23d8a10cf334eb7570269c75e466b302193effdbc067ccb9488ffaa732f2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 5E46 21 KB
21 KB 72ms
39ms Font
font/woff2 142.250.180.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 02:53:55 GMT
x-content-type-options: nosniff
age: 261687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 02:53:55 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 5E46 21 KB
21 KB 59ms
26ms Font
font/woff2 142.250.180.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 05:48:07 GMT
x-content-type-options: nosniff
age: 164835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 05:48:07 GMT

GET
H3 200 63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js Show response
pagead2.googlesyndication.com/bg/ Frame AAFE 35 KB
13 KB 18ms
18ms Script
text/javascript 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 06:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13458
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 06:20:43 GMT

GET
H3 200 GDSage-Bold-trim.css
s0.2mdn.net/8316070/1612829183634/css/ Frame 4FBB 4 KB
3 KB 23ms
22ms Stylesheet
text/css 142.250.180.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8316070/1612829183634/css/GDSage-Bold-trim.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8316070/1612829183634/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22d6a1f0f02f5aef9b909b66a54692e418e952ba25b66ce3fd422f3bd46eaa28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8316070/1612829183634/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 09:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3099
x-xss-protection: 0
last-modified: Tue, 09 Feb 2021 00:06:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 15 Sep 2021 09:05:43 GMT

GET
H3 200 GDSherpa-Bold-trim.css
s0.2mdn.net/8316070/1612829183634/css/ Frame 4FBB 10 KB
7 KB 20ms
20ms Stylesheet
text/css 142.250.180.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8316070/1612829183634/css/GDSherpa-Bold-trim.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8316070/1612829183634/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb7e05833f5e2b39fea557acdb0c13c3d6c711997c678dcf5cc8e13c20e1cad4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8316070/1612829183634/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 11:55:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56401
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
last-modified: Tue, 09 Feb 2021 00:06:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 15 Sep 2021 11:55:21 GMT

GET
H3 200 GDSherpa-Regular-trim.css
s0.2mdn.net/8316070/1612829183634/css/ Frame 4FBB 10 KB
8 KB 24ms
24ms Stylesheet
text/css 142.250.180.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8316070/1612829183634/css/GDSherpa-Regular-trim.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8316070/1612829183634/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e3fb63db5a1a25022be7f96d0e35c90eea65c1c8f3d8d541471866ebcccb3e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8316070/1612829183634/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 09:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66578
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7700
x-xss-protection: 0
last-modified: Tue, 09 Feb 2021 00:06:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 15 Sep 2021 09:05:44 GMT

GET
H3 200 main.css
s0.2mdn.net/8316070/1612829183634/css/ Frame 4FBB 13 KB
3 KB 29ms
29ms Stylesheet
text/css 142.250.180.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8316070/1612829183634/css/main.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8316070/1612829183634/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a76196009519502eb88a0399ac9b2d184edd02a1970642201f6a9a442d215403

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8316070/1612829183634/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 18:10:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33867
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2606
x-xss-protection: 0
last-modified: Tue, 09 Feb 2021 00:06:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 15 Sep 2021 18:10:55 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FA3B
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHKh_XMw21ASAcxHSyThwHg&google_cver=1&google_push=AYg5qPLoLHpQwLOtrNCky0OICQLExEoBRFe8iNlXtzuJoL0C4X_jq1KrFz...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLoLHpQwLOtrNCky0OICQLExEoBRFe8iNlXtzuJoL0C4X_jq1KrFzBLFR0jNhw5MgvhTymJXzM5prN0ZcC-qFBzdpakR9M&google_hm=D5mLpei...

170 B
188 B

37ms
37ms

Image
image/png

142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLoLHpQwLOtrNCky0OICQLExEoBRFe8iNlXtzuJoL0C4X_jq1KrFzBLFR0jNhw5MgvhTymJXzM5prN0ZcC-qFBzdpakR9M&google_hm=D5mLpeiVRIehyqxZ8N7dVQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLoLHpQwLOtrNCky0OICQLExEoBRFe8iNlXtzuJoL0C4X_jq1KrFzBLFR0jNhw5MgvhTymJXzM5prN0ZcC-qFBzdpakR9M&google_hm=D5mLpeiVRIehyqxZ8N7dVQ
pragma: no-cache
date: Wed, 15 Sep 2021 03:35:22 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame FA3B 43 B
388 B 27ms
23ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEOQ-IrnqkZsoLViLjDANiFc&google_cver=1&google_push=AYg5qPK6GDbhvWlhhhX2jD6apu-YaubNx-RmJ3AH_yuOane1cbqO_gyk9cKlqWsr96uy7t5J8tkDGn80LieB7FKjz2K6eeHR3jXh
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6885199190131478&output=html&h=280&adk=1323962898&adf=753656237&pi=t.aa~a.2888210779~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1631676921&rafmt=1&to=qs&pwprc=5808066281&psa=0&format=1170x280&url=https%3A%2F%2Fcontroldenied.info%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631676921228&bpp=1&bdt=4349&idt=-M&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df303dc383b6cd1b0-22fa7dc431cb0048%3AT%3D1631676920%3ART%3D1631676920%3AS%3DALNI_MY2_Ko1UjW517TIQz6xtzosD-6bgA&prev_fmts=0x0&nras=2&correlator=6077576201380&frm=20&pv=1&ga_vid=876403886.1631676920&ga_sid=1631676921&ga_hid=1641021586&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=215&ady=1297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526%2C31062297&oid=3&pvsid=2307059306696604&pem=973&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=lxvmfAM4T0&p=https%3A//controldenied.info&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:22 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FA3B
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEEqSrNXcMoxhE4k_YT1axdo&google_cver=1&google_push=AYg5qPJDx2aAVS8zPpOLHwuxo2z-_UtUakzk0Kdyt7Kv6zutrv8um_ZTwEAzeK5Sh779HlQEDEUfFs0NjisfvFgspV6wA-QEo2Tx
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJDx2aAVS8zPpOLHwuxo2z-_UtUakzk0Kdyt7Kv6zutrv8um_ZTwEAzeK5Sh779HlQEDEUfFs0NjisfvFgspV6wA-QEo2Tx&google_hm=hi53YyeEzxQtRNhVNzegyQ==

170 B
188 B

38ms
37ms

Image
image/png

142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJDx2aAVS8zPpOLHwuxo2z-_UtUakzk0Kdyt7Kv6zutrv8um_ZTwEAzeK5Sh779HlQEDEUfFs0NjisfvFgspV6wA-QEo2Tx&google_hm=hi53YyeEzxQtRNhVNzegyQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:21 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJDx2aAVS8zPpOLHwuxo2z-_UtUakzk0Kdyt7Kv6zutrv8um_ZTwEAzeK5Sh779HlQEDEUfFs0NjisfvFgspV6wA-QEo2Tx&google_hm=hi53YyeEzxQtRNhVNzegyQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 78fi9k47mijvdo91nudi3dvh46skjarp

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FA3B
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AK90381OQzqG9OWpX2565Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

37ms
37ms

Image
image/png

142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AK90381OQzqG9OWpX2565Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLWrI9K42T0ivK-dVS-Ml1DFkr2Hr5tSJpAQkpWs-uuVzRBbWDorO0TJivwOZ6zAvzngVzhIR3FvL8U4vrrHOssAQQuYr3E

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AK90381OQzqG9OWpX2565Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLWrI9K42T0ivK-dVS-Ml1DFkr2Hr5tSJpAQkpWs-uuVzRBbWDorO0TJivwOZ6zAvzngVzhIR3FvL8U4vrrHOssAQQuYr3E
date: Wed, 15 Sep 2021 03:35:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FA3B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOsITqDUU5lOk1x2QKCQSd8&google_cver=1&google_push=AYg5qPJbM3VVvQ3XWrnjjOVbzeSmZ9wB2ny3gahyudQZ6J3hGv8Lgo0oRC0jtfHo2CtBLOm8JP9...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RLWUI2U08tMUItMTNVUw==&google_push=AYg5qPJbM3VVvQ3XWrnjjOVbzeSmZ9wB2ny3gahyudQZ6J3hGv8Lgo0oRC0jtfHo2CtBLOm8JP9vkteJGW15GvKN_bY3mH4nZqFh

170 B
188 B

38ms
38ms

Image
image/png

142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RLWUI2U08tMUItMTNVUw==&google_push=AYg5qPJbM3VVvQ3XWrnjjOVbzeSmZ9wB2ny3gahyudQZ6J3hGv8Lgo0oRC0jtfHo2CtBLOm8JP9vkteJGW15GvKN_bY3mH4nZqFh

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RLWUI2U08tMUItMTNVUw==&google_push=AYg5qPJbM3VVvQ3XWrnjjOVbzeSmZ9wB2ny3gahyudQZ6J3hGv8Lgo0oRC0jtfHo2CtBLOm8JP9vkteJGW15GvKN_bY3mH4nZqFh
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame FA3B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIK4PPnsw1Lg53Ji3Zy1tH0&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPJ4s5v99Wr6YuHsix2ItobA_jFftiGd502N17E7b94P4lREEXdcg6G7sJREt0ruN2P6vp3bgfYfTqrK14H-os...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPJ4s5v99Wr6YuHsix2ItobA_jFftiGd502N17E7b94P4lREEXdcg6G7sJREt0ruN2P6vp3bgfYfTqrK14H-os...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPJ4s5v99Wr6YuHsix2ItobA_jFftiGd502N17E7b94P4lREEXdcg6G7sJREt0ruN2P6vp3bgfYfTqrK14H-os...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPJ4s5v99Wr6YuHsix2ItobA_jFftiGd502N17E7b94P4lREEXdcg6G7sJREt0ruN2P6vp3bgfYfTqrK14H-os...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPJ4s5v99Wr6YuHsix2ItobA_jFftiGd502N17E7b94P4lREEXdcg6G7sJREt0ruN2P6vp3bgfYfTqrK14H-os...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPJ4s5v99Wr6YuHsix2ItobA_jFftiGd502N17E7b94P4lREEXdcg6G7sJREt0ruN2P6vp3bgfYfTqrK14H-os...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPJ4s5v99Wr6YuHsix2ItobA_jFftiGd502N17E7b94P4lREEXdcg6G7sJREt0ruN2P6vp3bgfYfTqrK14H-os...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPJ4s5v99Wr6YuHsix2ItobA_jFftiGd502N17E7b94P4lREEXdcg6G7sJREt0ruN2P6vp3bgfYfTqrK14H-os...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPJ4s5v99Wr6YuHsix2ItobA_jFftiGd502N17E7b94P4lREEXdcg6G7sJREt0ruN2P6vp3bgfYfTqrK14H-os...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPJ4s5v99Wr6YuHsix2ItobA_jFftiGd502N17E7b94P4lREEXdcg6G7sJREt0ruN2P6vp3bgfYfTqrK14H-os...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPJ4s5v99Wr6YuHsix2ItobA_jFftiGd502N17E7b94P4lREEXdcg6G7sJREt0ruN2P6vp3bgfYfTqrK14H-os...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPJ4s5v99Wr6YuHsix2ItobA_jFftiGd502N17E7b94P4lREEXdcg6G7sJREt0ruN2P6vp3bgfYfTqrK14H-os...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPJ4s5v99Wr6YuHsix2ItobA_jFftiGd502N17E7b94P4lREEXdcg6G7sJREt0ruN2P6vp3bgfYfTqrK14H-os...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPJ4s5v99Wr6YuHsix2ItobA_jFftiGd502N17E7b94P4lREEXdcg6G7sJREt0ruN2P6vp3bgfYfTqrK14H-os...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPJ4s5v99Wr6YuHsix2ItobA_jFftiGd502N17E7b94P4lREEXdcg6G7sJREt0ruN2P6vp3bgfYfTqrK14H-os...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPJ4s5v99Wr6YuHsix2ItobA_jFftiGd502N17E7b94P4lREEXdcg6G7sJREt0ruN2P6vp3bgfYfTqrK14H-os...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPJ4s5v99Wr6YuHsix2ItobA_jFftiGd502N17E7b94P4lREEXdcg6G7sJREt0ruN2P6vp3bgfYfTqrK14H-os...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPJ4s5v99Wr6YuHsix2ItobA_jFftiGd502N17E7b94P4lREEXdcg6G7sJREt0ruN2P6vp3bgfYfTqrK14H-os...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPJ4s5v99Wr6YuHsix2ItobA_jFftiGd502N17E7b94P4lREEXdcg6G7sJREt0ruN2P6vp3bgfYfTqrK14H-os...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUFp-fZzcOxc86B1ioVOFQAABIUAAAIB&google_push=AYg5qPJ4s5v99Wr6YuHsix2ItobA_jFftiGd502N17E7b94P4lREEXdcg6G7sJREt0ruN2P6vp3bgfYfTqrK14H-os...

0
0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame FA3B 0
43 B 682ms
249ms Image
text/plain 52.199.44.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESELlJn6w1fuFbVjq-bNTx2aU&google_cver=1&google_push=AYg5qPJMGZTw6U_-XSK3vOsHv4l3IScxyMKB3z3I3lfTjHjuN-1pm6MfgsXwrARjruLZ5BPcv-OZ4Cd7A9HUbmI69kRoaab4npzr
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6885199190131478&output=html&h=280&adk=1323962898&adf=753656237&pi=t.aa~a.2888210779~rp.4&w=1170&fwrn=4&fwrnh=100&lmt=1631676921&rafmt=1&to=qs&pwprc=5808066281&psa=0&format=1170x280&url=https%3A%2F%2Fcontroldenied.info%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631676921228&bpp=1&bdt=4349&idt=-M&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df303dc383b6cd1b0-22fa7dc431cb0048%3AT%3D1631676920%3ART%3D1631676920%3AS%3DALNI_MY2_Ko1UjW517TIQz6xtzosD-6bgA&prev_fmts=0x0&nras=2&correlator=6077576201380&frm=20&pv=1&ga_vid=876403886.1631676920&ga_sid=1631676921&ga_hid=1641021586&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=215&ady=1297&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062526%2C31062297&oid=3&pvsid=2307059306696604&pem=973&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=lxvmfAM4T0&p=https%3A//controldenied.info&dtd=18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.199.44.14 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-199-44-14.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:22 GMT
server: awselb/2.0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FA3B 0
12 B 37ms
35ms Image
text/html 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iydoq6igU_yMcVlO2KhHEIqOmL8uGiw0Tdh8-cH6enZQRHqkIpYXk2F1vu9yPolN0nu6ee

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 160x600.jpg
s0.2mdn.net/8316070/1612829183634/img/ Frame 4FBB 42 KB
42 KB 21ms
21ms Image
image/jpeg 142.250.180.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8316070/1612829183634/img/160x600.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8316070/1612829183634/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fccac9590e929f475c660f079d43ff4a33db48af4752ac38bfdc0c26b1f05374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8316070/1612829183634/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 09:05:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 00:06:24 GMT
server: sffe
age: 66578
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43369
x-xss-protection: 0
expires: Wed, 15 Sep 2021 09:05:44 GMT

GET
H3 200 index.html
s0.2mdn.net/8316070/1612829183634/ Frame 4FBB 28 KB
28 KB 20ms
19ms Image
text/html 142.250.180.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8316070/1612829183634/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8316070/1612829183634/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8316070/1612829183634/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 09:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10091
x-xss-protection: 0
last-modified: Tue, 09 Feb 2021 00:06:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 15 Sep 2021 09:05:43 GMT

GET
DATA 200
OK truncated
/ Frame 4FBB 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame 4FBB 7 KB
7 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a12d4c8b4c78caa710db7d518bd7f7fb93e82e4db3e7a41489701d13f416578

Request headers

Referer
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 4FBB 3 KB
3 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3902eb5021e570ec34c8283a2a91187b6fb030ce5af81556e8e31e3cd4e788f0

Request headers

Referer
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js Show response
pagead2.googlesyndication.com/bg/ Frame 029C 35 KB
13 KB 19ms
18ms Script
text/javascript 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/63nx1wftg6VHOR-tiT7SbUA_tgXQN9sjUf-d_JpEnTc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb79f1d707ed83a547391fad893ed26d403fb605d037db2351ff9dfc9a449d37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 06:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13458
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 06:20:43 GMT

GET
H3 200 tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4FBB 112 KB
38 KB 26ms
26ms Script
text/javascript 142.250.180.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8316070/1612829183634/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8316070/1612829183634/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38407
x-xss-protection: 0
last-modified: Wed, 04 Oct 2017 18:33:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Sep 2021 03:35:22 GMT

GET
H3 200 timelinelite_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4FBB 13 KB
4 KB 34ms
34ms Script
text/javascript 142.250.180.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/timelinelite_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8316070/1612829183634/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d49aa620c0f7fe03d96000efb3d9a812cc1bdf0f14696681ca16e146ec7b3c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8316070/1612829183634/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4356
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Sep 2021 03:35:22 GMT

GET
H3 200 scripts.js Show response
s0.2mdn.net/8316070/1612829183634/js/ Frame 4FBB 53 KB
10 KB 20ms
20ms Script
text/javascript 142.250.180.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8316070/1612829183634/js/scripts.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8316070/1612829183634/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c31c2a3b05c26a83c6f1b154dadf66db0f8ccdcbf30cf35d994f2c4df7eb030

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8316070/1612829183634/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 09:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66577
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10467
x-xss-protection: 0
last-modified: Tue, 09 Feb 2021 00:06:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 15 Sep 2021 09:05:45 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9DAE 0
23 B 33ms
32ms Ping
image/gif 142.250.187.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: controldenied.info
URL: https://controldenied.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 03:35:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AAFE 0
25 B 31ms
31ms Image
image/gif 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUEqa-WlBYY-POJq1zAbz-qeIBQAAAAA4AeAEAg&bg=!ODulO3_NAAYT0U73E9E7ACkAdvg8WjRk4vMhtH8GNyqO-XqUL2PvRiqZ2OkfIk-lxTifcjBxld4FKAIAAAC8UgAAAAtoAQcKAFugtf2JzgkcIQV-gSdW36fEqRFGTqop5Q9PkANPxHLaYSGRayLo8BMsaL9xzOYQBgFpfWZnMowci4UUoiClnIr9cao-vqnLbP79zyaS8I7B8upIRovIkQVRFJBSmQKsrHN9-ieGZ8Ye4Ef_JovxB-25ZUD-HaqfsRrNhFPXW9EBsen3-KxX0xKW-8QHxmM4R9dx5bBd3DnbpYwrYJqHpMTp8181-ctpbDW-yVl_HCJEi4QqL7MOYBGHfwcY3i4FPt8KyDW4ZaDeU1h8AjUxDWYq87nBY47eqnbg84PTAPEQsghU2hsTPWySPAnF9Ma7s9_DXOpFKkum1fJaOPySK0pVJSS8PPz1t1DdGbiWZ0nZJl7N5qsd_dB8QHazNvPsO7xlJ-WlQbZ9qmxdx0kDN5lcy9RlXwAVYhB6m3kxFaI11kWIzfSUGV8ZRVg4JrEtOv-MD8k1-X7PFyrDXBdK4F-UxIQQT1s-s20H24J8GjjQRaRZigKJCJH0GbsU5DFTk_0B2gho9MSbeQlrvJRNnLYNmYFMHp5lTtfS0jn92wWCt2rBsD4qMe9tTP76bA7UBaqzzdI3gvJH7L9WlqQIuoeaNgr6N1Str4Q3VYZOBxEJayGG7NJbzphreDJ6lKKDSmjR1r-bZqlZKJn5UGocWz6tlTHY5Gh4KU_zx_WOAW1B2uIjNRfT5BFo7gjjwuYG5ySHCMQ-zxMlTHbk6Ot1seH-8I6MSkLLcyklU3ExJcEAIaz3aXt_BNUuBGuPVunNFcb5BDthE9E6K2-vmrDc6Bfy1t-IdnxEarg7nKx1EEOf3Y__dcwsWmHbBDkw5E7BzolNp3cvxjBmwOO7ltQlySNjISoeSBii8J-PiSybTK_FyhTMcrWyByyeShg4_kbjqIt_v87VrA3IH2SiILtdpRGXbmR4fVQ1Y2K4gHE3gH8YrqPdi0xCP8SC4moF-xH_uY3N8EQCsEBieooXQzLsC_tB-e4V2160niuBFV6J6VQJoJdg2QxagXg1wyukVZOCGXVDdT04nHhVENHM

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 03:35:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C3BE 42 B
64 B 31ms
31ms Fetch
image/gif 172.217.16.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueRjWjd2HefoaBdqi6MGN-UX7n3koZVHOSws-NovXULCnd6fy6aIEDEeB6Vnkm9CdbSTFIhn0XmC2pCgbqsfG4ewTc5H293Lsm5yvkNvg20sUbads&sai=AMfl-YQqsA5WZbykwZxFdu7lDRlE3cEHh425l1oc6-EwhkDj3pg3vyM1zBHwIuEowYzJgVxQ3zYYoWe30w0K&sig=Cg0ArKJSzC20d_UIcG66EAE&cid=CAASBORogl4&id=lidar2&mcvt=1002&p=1110,0,1204,728&mtos=0,815,1002,1060,1060&tos=0,815,187,58,0&v=20210913&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&app=0&itpl=20&adk=1812271801&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1631676921326&rpt=263&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS