sap.trackingresi.com Open in urlscan Pro
128.199.93.51 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sap.trackingresi.com/
Submission: On May 21 via automatic, source certstream-suspicious (May 21st 2021, 12:19:55 pm UTC)

Summary HTTP 78 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 11 domains to perform 78 HTTP transactions. The main IP is 128.199.93.51, located in Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is sap.trackingresi.com.
TLS certificate: Issued by R3 on May 21st 2021. Valid for: 3 months.

This is the only time sap.trackingresi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	128.199.93.51 128.199.93.51	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:80e::2003	15169 (GOOGLE) (GOOGLE)
1	66.102.1.156 66.102.1.156	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:56::a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2006	15169 (GOOGLE) (GOOGLE)
78	18

4 128.199.93.51 (Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)

sap.trackingresi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:80e::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.102.1.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:56::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5e6nl6.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	297 KB
19	doubleclick.net googleads.g.doubleclick.net bid.g.doubleclick.net static.doubleclick.net	89 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	92 KB
5	googleapis.com ajax.googleapis.com fonts.googleapis.com imasdk.googleapis.com	160 KB
4	google.com 2 redirects adservice.google.com www.google.com	420 B
4	trackingresi.com sap.trackingresi.com	25 KB
3	2mdn.net 1 redirects gcdn.2mdn.net r4---sn-4g5e6nl6.c.2mdn.net	343 KB
3	googletagservices.com www.googletagservices.com	99 KB
2	google.de adservice.google.de	287 B
2	cloudflare.com cdnjs.cloudflare.com	82 KB
1	googleadservices.com partner.googleadservices.com	413 B
78	11

	Domain	Requested by
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
15	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
13	pagead2.googlesyndication.com	sap.trackingresi.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com www.googletagservices.com
4	fonts.gstatic.com	fonts.googleapis.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	sap.trackingresi.com	sap.trackingresi.com
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	static.doubleclick.net	googleads.g.doubleclick.net
2	r4---sn-4g5e6nl6.c.2mdn.net	sap.trackingresi.com imasdk.googleapis.com
2	csi.gstatic.com	imasdk.googleapis.com
2	www.google.com	2 redirects
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	cdnjs.cloudflare.com	sap.trackingresi.com cdnjs.cloudflare.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ajax.googleapis.com	sap.trackingresi.com
78	20

This site contains links to these domains. Also see Links.

Domain
twitter.com

Subject Issuer	Validity	Valid
sap.trackingresi.com R3	`2021-05-21` - `2021-08-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-05-11` - `2021-07-20`	2 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://sap.trackingresi.com/
Frame ID: 4CDF8B67B0AF026125B759AFA6B65F78
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html
Frame ID: E93D70A9D7B47BC341672A97DDB4FBA3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=962360510&adf=1839787983&pi=t.ma~as.4379732321&w=998&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578602&bpp=3&bdt=608&idt=55&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=1729969130723&frm=20&pv=2&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dhp70fjGnl&p=https%3A//sap.trackingresi.com&dtd=66
Frame ID: C18C70C439D8F7E4AF4F944CE2FD2712
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=12173733&adf=2824717477&pi=t.ma~as.4379732321&w=998&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578605&bpp=1&bdt=610&idt=67&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pLnXCq4Wcr&p=https%3A//sap.trackingresi.com&dtd=69
Frame ID: 76D4BFED9601CB9873F2C06FF1F873C0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2072968987&adf=996599397&pi=t.ma~as.4379732321&w=460&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=460x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578606&bpp=1&bdt=611&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=311&ady=910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YFOEc6RtE7&p=https%3A//sap.trackingresi.com&dtd=74
Frame ID: 9D4072B1BD398AC8C59C30DBCF6F59D6
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2372033063&adf=2488844052&pi=t.ma~as.4379732321&w=475&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=475x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578607&bpp=1&bdt=612&idt=76&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=791&ady=923&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ykZBnGEtgF&p=https%3A//sap.trackingresi.com&dtd=77
Frame ID: 1334E1016BEF979623A8750D31AFA713
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=12173733&adf=1690745966&pi=t.ma~as.4379732321&w=998&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578607&bpp=1&bdt=613&idt=81&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280%2C475x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=EUFPVpzcyA&p=https%3A//sap.trackingresi.com&dtd=83
Frame ID: 55345BC43E2CEE71B0A6ECED33C17302
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=962360510&adf=1171094417&pi=t.ma~as.4379732321&w=998&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578626&bpp=1&bdt=631&idt=67&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280%2C475x280%2C998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=1793&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=bNhX0s6qNZ&p=https%3A//sap.trackingresi.com&dtd=70
Frame ID: 7C87608CEA9AC01B5EC6DC4FE8950DC7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&adk=1812271804&adf=3025194257&lmt=1621599578&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsap.trackingresi.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578634&bpp=1&bdt=639&idt=64&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280%2C475x280%2C998x280%2C998x280&nras=1&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=67
Frame ID: C04669D765149B1B2618F1F1D8954B41
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 3F9FE43A94F6C34C5DEBAE0C2A32BBE1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zue3njNLpzxGAZrYILNRV_oDQoN1Bf4uoYDHWIdg9NQ.js
Frame ID: CFCC663E28360A69764E8671F14E5A8C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 73F4D562D54A2BA4DD68B22EA89B50D2
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 7AEC74D2CAAB9AD603D3B1031E0198D9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zue3njNLpzxGAZrYILNRV_oDQoN1Bf4uoYDHWIdg9NQ.js
Frame ID: 1F4B1E88D3072D53A1FC8DCAF822742B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 09ECF055A572746B8A2C2C6A6139D57E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

78
Requests

100 %
HTTPS

84 %
IPv6

11
Domains

20
Subdomains

18
IPs

4
Countries

1188 kB
Transfer

2427 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/share
Title: Tweet

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 53

https://gcdn.2mdn.net/videoplayback/id/29207052315c0653/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764274735/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/23B7613A3DC9CD79F81CC81860ADFFEF364D3B2C.A6F7F891A7670D2C338C185C544B4C1D452689F6/key/ck2/file/file.webm HTTP 302
https://r4---sn-4g5e6nl6.c.2mdn.net/videoplayback/id/29207052315c0653/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764274735/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/33279F0022933E5106D3055F6E1E6A069ED7AC25.3D70DDDEBAF188D0E8E5C1014FF55927D1A5CB19/key/cms1/cms_redirect/yes/mh/Ol/mip/2a01:4f8:121:131a::2/mm/42/mn/sn-4g5e6nl6/ms/onc/mt/1621599152/mv/m/mvi/4/pl/44/file/file.webm

Request Chain 70

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

78 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
sap.trackingresi.com/ 67 KB
10 KB 1039ms
267ms Document
text/html 128.199.93.51
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://sap.trackingresi.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

128.199.93.51 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PHP/5.5.9-1ubuntu4.29

Resource Hash

f2a372bba83817a407f805230bc2f6bedcb268bb9eada4cbaf9ff740f3895e1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: sap.trackingresi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Fri, 21 May 2021 12:19:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.5.9-1ubuntu4.29
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET
H/1.1 200
OK base2.css
sap.trackingresi.com/assets/css/ 15 KB
4 KB 259ms
259ms Stylesheet
text/css 128.199.93.51
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sap.trackingresi.com/assets/css/base2.css
Requested by: Host: sap.trackingresi.com
URL: https://sap.trackingresi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.199.93.51 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 54ebb0e779b6407186430ed0813c634c68376f244ffa156426cb436e88261283

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sap.trackingresi.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://sap.trackingresi.com/
Connection: keep-alive
Referer: https://sap.trackingresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 12:19:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Jan 2020 09:27:51 GMT
Server: nginx
ETag: W/"5e12fd97-3ccf"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000 public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 21 May 2022 12:19:26 GMT

GET
H/1.1 200
OK box.css
sap.trackingresi.com/assets/css/ 2 KB
990 B 516ms
256ms Stylesheet
text/css 128.199.93.51
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sap.trackingresi.com/assets/css/box.css
Requested by: Host: sap.trackingresi.com
URL: https://sap.trackingresi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.199.93.51 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 74406c3c8733906943721961d853e646f93f4810484fe476e8512247b52cf181

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sap.trackingresi.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://sap.trackingresi.com/
Connection: keep-alive
Referer: https://sap.trackingresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 12:19:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Jan 2020 18:18:57 GMT
Server: nginx
ETag: W/"5e20a911-67b"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000 public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 21 May 2022 12:19:26 GMT

GET
H/1.1 200
OK logo.png
sap.trackingresi.com/assets/img/ 9 KB
10 KB 769ms
257ms Image
image/png 128.199.93.51
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sap.trackingresi.com/assets/img/logo.png
Requested by: Host: sap.trackingresi.com
URL: https://sap.trackingresi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.199.93.51 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: ba23959957d961e0c4527a769b2249a6f37e247c1da3412d2eb5c9060062d535

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: sap.trackingresi.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://sap.trackingresi.com/
Connection: keep-alive
Referer: https://sap.trackingresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 12:19:26 GMT
Last-Modified: Thu, 16 Jan 2020 15:09:13 GMT
Server: nginx
ETag: "5e207c99-24f8"
Content-Type: image/png
Cache-Control: max-age=31536000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9464
Expires: Sat, 21 May 2022 12:19:26 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 31ms
15ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: sap.trackingresi.com
URL: https://sap.trackingresi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://sap.trackingresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 12:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2483565
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
cf-request-id: 0a3076ff9e000097dece3a5000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FlNF8lTqIbg2%2BKVhU1vreNnmi4PwR5%2FcGjtbwI9XasYv2wtzCgHd4%2BNi0AJgmrI5E2nn1vIen9kx2HuH0V5Tt3vWMFgZpJ55E5zVGNjKFRSVAaYDl2zLHNwW%2Ft05D%2Bh9ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 652dc112981e97de-FRA
expires: Wed, 11 May 2022 12:19:38 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 43ms
24ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: sap.trackingresi.com
URL: https://sap.trackingresi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ae4acee7502a40fe0c4bcd8d62e5d0d09295386ca1d16ff068a380569a9504e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sap.trackingresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 12:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47957
x-xss-protection: 0
server: cafe
etag: 8778404185546752019
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 21 May 2021 12:19:38 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: sap.trackingresi.com
URL: https://sap.trackingresi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sap.trackingresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 09:24:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183322
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 May 2022 09:24:16 GMT

GET
H3-29 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 35ms
26ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://sap.trackingresi.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 12:19:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1951978
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
cf-request-id: 0a307701bc00001f39c5811000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3jNpgSL2QFT0PAcLemhKisEMXbPAeOy4pxRF2NAfAhswJGOgrd%2BxJIbImkhSbpCItdx%2BtuJUOoAvIWtvazCQ3L4Gc0pnOJ96hef8G6QzXoc1yFB2e5cf%2FD4B52TKp6BW9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 652dc115fd5f1f39-FRA
expires: Wed, 11 May 2022 12:19:38 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/ 231 KB
85 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3799434046416860&plah=sap.trackingresi.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sap.trackingresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 12:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87252
x-xss-protection: 0
server: cafe
etag: 5322897297824761394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 May 2021 12:19:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/ Frame E93D 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210517/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sap.trackingresi.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sap.trackingresi.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 20 May 2021 22:33:52 GMT
expires: Thu, 03 Jun 2021 22:33:52 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 49546
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
413 B 32ms
30ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=sap.trackingresi.com&callback=_gfp_s_&client=ca-pub-3799434046416860

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3799434046416860&plah=sap.trackingresi.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

83ab1b34aedd181b8ad765bc647a5bc62f31511ee8fd57f4d7edca334c46e14c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sap.trackingresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 12:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sap.trackingresi.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sap.trackingresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 May 2021 12:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sap.trackingresi.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sap.trackingresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 May 2021 12:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C18C 405 B
227 B 482ms
481ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=962360510&adf=1839787983&pi=t.ma~as.4379732321&w=998&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578602&bpp=3&bdt=608&idt=55&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=1729969130723&frm=20&pv=2&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dhp70fjGnl&p=https%3A//sap.trackingresi.com&dtd=66

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2285655e0a85399c38e23d4dc3d48a0057857faa7959bca63b24d7fde79dc813

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=962360510&adf=1839787983&pi=t.ma~as.4379732321&w=998&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578602&bpp=3&bdt=608&idt=55&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=1729969130723&frm=20&pv=2&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dhp70fjGnl&p=https%3A//sap.trackingresi.com&dtd=66
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sap.trackingresi.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sap.trackingresi.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 21 May 2021 12:19:39 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-May-2021 12:34:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 21 May 2021 12:19:39 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sap.trackingresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 12:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621424113157718"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Fri, 21 May 2021 12:19:38 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 76D4 405 B
229 B 379ms
379ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=12173733&adf=2824717477&pi=t.ma~as.4379732321&w=998&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578605&bpp=1&bdt=610&idt=67&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pLnXCq4Wcr&p=https%3A//sap.trackingresi.com&dtd=69

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ded6e23000b63bd61110fcff0f57db866f7caf1cae805502e01c3a65ed60a972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=12173733&adf=2824717477&pi=t.ma~as.4379732321&w=998&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578605&bpp=1&bdt=610&idt=67&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pLnXCq4Wcr&p=https%3A//sap.trackingresi.com&dtd=69
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sap.trackingresi.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sap.trackingresi.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 21 May 2021 12:19:39 GMT
server: cafe
content-length: 206
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-May-2021 12:34:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 21 May 2021 12:19:39 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9D40 82 KB
25 KB 868ms
868ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2072968987&adf=996599397&pi=t.ma~as.4379732321&w=460&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=460x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578606&bpp=1&bdt=611&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=311&ady=910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YFOEc6RtE7&p=https%3A//sap.trackingresi.com&dtd=74

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa80c4b2c5352851ad79a0641dca5435fcc36a204ca765c6ad8e6468335e6126

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL2-7Zbh2vACFYOFewodppYFIg&gqi=WqWnYJaqKoXTtgfl57PwCg&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2072968987&adf=996599397&pi=t.ma~as.4379732321&w=460&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=460x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578606&bpp=1&bdt=611&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=311&ady=910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YFOEc6RtE7&p=https%3A//sap.trackingresi.com&dtd=74
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sap.trackingresi.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sap.trackingresi.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL2-7Zbh2vACFYOFewodppYFIg&gqi=WqWnYJaqKoXTtgfl57PwCg&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 21 May 2021 12:19:39 GMT
server: cafe
content-length: 25152
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-May-2021 12:34:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 21 May 2021 12:19:39 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1334 74 KB
25 KB 374ms
374ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2372033063&adf=2488844052&pi=t.ma~as.4379732321&w=475&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=475x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578607&bpp=1&bdt=612&idt=76&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=791&ady=923&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ykZBnGEtgF&p=https%3A//sap.trackingresi.com&dtd=77

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7536951a28b4722de009d6716528cf77679e5c5730ec263fa20eb2972b26ef76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2372033063&adf=2488844052&pi=t.ma~as.4379732321&w=475&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=475x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578607&bpp=1&bdt=612&idt=76&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=791&ady=923&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ykZBnGEtgF&p=https%3A//sap.trackingresi.com&dtd=77
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sap.trackingresi.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sap.trackingresi.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 21 May 2021 12:19:39 GMT
server: cafe
content-length: 26017
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-May-2021 12:34:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 21 May 2021 12:19:39 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5534 54 KB
14 KB 418ms
417ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=12173733&adf=1690745966&pi=t.ma~as.4379732321&w=998&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578607&bpp=1&bdt=613&idt=81&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280%2C475x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=EUFPVpzcyA&p=https%3A//sap.trackingresi.com&dtd=83

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38f87be3b4597fc42b808be89c102852102b4146bac27fab4c39b4c1bd1ba790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=12173733&adf=1690745966&pi=t.ma~as.4379732321&w=998&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578607&bpp=1&bdt=613&idt=81&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280%2C475x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=EUFPVpzcyA&p=https%3A//sap.trackingresi.com&dtd=83
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sap.trackingresi.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sap.trackingresi.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 21 May 2021 12:19:39 GMT
server: cafe
content-length: 14736
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-May-2021 12:34:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 21 May 2021 12:19:39 GMT
cache-control: private

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=sap.trackingresi.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sap.trackingresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 May 2021 12:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sap.trackingresi.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sap.trackingresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 May 2021 12:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7C87 405 B
226 B 268ms
267ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=962360510&adf=1171094417&pi=t.ma~as.4379732321&w=998&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578626&bpp=1&bdt=631&idt=67&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280%2C475x280%2C998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=1793&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=bNhX0s6qNZ&p=https%3A//sap.trackingresi.com&dtd=70

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7728e8ad442a2784b3d3c61ee1870ffb6ec65437ec88bc347bbc7b01bb969865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=962360510&adf=1171094417&pi=t.ma~as.4379732321&w=998&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578626&bpp=1&bdt=631&idt=67&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280%2C475x280%2C998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=1793&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=bNhX0s6qNZ&p=https%3A//sap.trackingresi.com&dtd=70
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sap.trackingresi.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sap.trackingresi.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 21 May 2021 12:19:38 GMT
server: cafe
content-length: 203
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-May-2021 12:34:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 21 May 2021 12:19:38 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C046 2 KB
489 B 67ms
66ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&adk=1812271804&adf=3025194257&lmt=1621599578&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsap.trackingresi.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578634&bpp=1&bdt=639&idt=64&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280%2C475x280%2C998x280%2C998x280&nras=1&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=67

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3829a849ae60bda33939fde66c4295bb0b4ff6a6c3475ff0b517f314eb83531

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3799434046416860&output=html&adk=1812271804&adf=3025194257&lmt=1621599578&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsap.trackingresi.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578634&bpp=1&bdt=639&idt=64&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280%2C475x280%2C998x280%2C998x280&nras=1&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=67
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sap.trackingresi.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sap.trackingresi.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 21 May 2021 12:19:38 GMT
server: cafe
content-length: 466
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-May-2021 12:34:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 21 May 2021 12:19:38 GMT
cache-control: private

GET
H2 200 0ff854853407eef3897c8a334593dc60.js Show response
www.gstatic.com/mysidia/ Frame 1334 6 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0ff854853407eef3897c8a334593dc60.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2372033063&adf=2488844052&pi=t.ma~as.4379732321&w=475&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=475x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578607&bpp=1&bdt=612&idt=76&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=791&ady=923&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ykZBnGEtgF&p=https%3A//sap.trackingresi.com&dtd=77

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f8135f4e2080aec7c05e37b9c8605ddb4cd696efafe62a57353fe144d573803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 10:04:25 GMT
server: sffe
age: 258555
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2714
x-xss-protection: 0
expires: Mon, 16 Aug 2021 12:30:24 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1334 3 KB
674 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 21 May 2021 11:17:35 GMT
server: ESF
date: Fri, 21 May 2021 12:19:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 May 2021 12:19:39 GMT

GET
H2 200 206e6be5a1eb8d32b9a41c146f639315.js Show response
www.gstatic.com/mysidia/ Frame 1334 9 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/206e6be5a1eb8d32b9a41c146f639315.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81dc030325da7936333409e93229e0bd0d9a7ea862bbc524ab126a2f6b70b9c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 10:04:25 GMT
server: sffe
age: 258555
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4074
x-xss-protection: 0
expires: Mon, 16 Aug 2021 12:30:24 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 1334 1 KB
909 B 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 12:17:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 12:17:06 GMT

GET
H2 200 f72677a08b4e63be238c80f42bace2b0.js Show response
www.gstatic.com/mysidia/ Frame 1334 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f72677a08b4e63be238c80f42bace2b0.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec0fc32fda7a933c1f82148b7201729627deeb7860802c65366a202925601bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 10:04:25 GMT
server: sffe
age: 258555
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1324
x-xss-protection: 0
expires: Mon, 16 Aug 2021 12:30:24 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 1334 17 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 12:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7009
x-xss-protection: 0
server: cafe
etag: 607056201285360291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 12:06:04 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 1334 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 12:16:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 12:16:26 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1334 118 KB
36 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 12:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621424119306032"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36804
x-xss-protection: 0
expires: Fri, 21 May 2021 12:19:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 1334 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 12:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 12:16:47 GMT

GET
H3-29 200 6bd41964be010df5460da51c4a6824b5.js Show response
www.gstatic.com/mysidia/ Frame 1334 25 KB
10 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6bd41964be010df5460da51c4a6824b5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00535b5b597302e2749d3c2671f53ac61d0ba3b3e1a6624e6235ce18811b514b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 May 2021 23:56:38 GMT
server: sffe
age: 258555
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10390
x-xss-protection: 0
expires: Mon, 16 Aug 2021 12:30:24 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1334 0
0 44ms
44ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cca6jWqWnYMnJK9ju7gPN_7HQD-LUl-hikfaw7e4NChABIOro8l9glQKgAcHUwbQByAEBqQLjdr40r3-0PqgDAcgDywSqBNABT9Aeh3DNQtOL_yiP72dbDW4ciZe2eJ3mZpJVEOGmcaXCdSgdcokai6sJzldZTftjgDU41OT2xNOCvNo-ZLrnDt2ROaD8fVcMReCpL__YSxZ7p445EQXKjbAlZXT4oYCyhSQqL7JHqhDUavZ208dSjZAOnNoZqHmqKAAFM8_QsMNyCp0oisF_gyWoNJsJSL-hCOUvfa-wByNvcJb-LjCrY83yRT2CprOYYRy4G-OffrDLVXB1m-VTiXRXYSIrqO9xUonEZ2Gh5eiXx73fem5ck8AEoIbjrs4DgAenq77LAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDJ-APSCAkIgOGAEBABGB-ACgHICwHYEwOIFAPQFQGAFwGyFxoKGAgAEhRwdWItMzc5OTQzNDA0NjQxNjg2MA&sigh=I9i_EMHUyFw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2372033063&adf=2488844052&pi=t.ma~as.4379732321&w=475&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=475x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578607&bpp=1&bdt=612&idt=76&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=791&ady=923&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ykZBnGEtgF&p=https%3A//sap.trackingresi.com&dtd=77
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 21 May 2021 12:19:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 21 May 2021 12:19:39 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3F9F 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2372033063&adf=2488844052&pi=t.ma~as.4379732321&w=475&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=475x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578607&bpp=1&bdt=612&idt=76&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=791&ady=923&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ykZBnGEtgF&p=https%3A//sap.trackingresi.com&dtd=77
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2372033063&adf=2488844052&pi=t.ma~as.4379732321&w=475&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=475x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578607&bpp=1&bdt=612&idt=76&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=791&ady=923&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ykZBnGEtgF&p=https%3A//sap.trackingresi.com&dtd=77

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 21 May 2021 11:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1349
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1334 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b9cfeac7f75587282f065912c9b7da48ed827c05e871bf2dc405518d712e6d8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 5534 17 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=12173733&adf=1690745966&pi=t.ma~as.4379732321&w=998&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578607&bpp=1&bdt=613&idt=81&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280%2C475x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=EUFPVpzcyA&p=https%3A//sap.trackingresi.com&dtd=83

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 12:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7009
x-xss-protection: 0
server: cafe
etag: 607056201285360291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 12:06:04 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 5534 8 KB
713 B 30ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=12173733&adf=1690745966&pi=t.ma~as.4379732321&w=998&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578607&bpp=1&bdt=613&idt=81&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280%2C475x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=EUFPVpzcyA&p=https%3A//sap.trackingresi.com&dtd=83

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 21 May 2021 11:18:29 GMT
server: ESF
date: Fri, 21 May 2021 12:19:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 May 2021 12:19:39 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210517_RC00/ Frame 5534 14 KB
3 KB 28ms
6ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210517_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=12173733&adf=1690745966&pi=t.ma~as.4379732321&w=998&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578607&bpp=1&bdt=613&idt=81&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280%2C475x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=EUFPVpzcyA&p=https%3A//sap.trackingresi.com&dtd=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:10:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320968
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 17 May 2021 18:22:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 19:10:11 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210517_RC00/ Frame 5534 354 KB
123 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210517_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=12173733&adf=1690745966&pi=t.ma~as.4379732321&w=998&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578607&bpp=1&bdt=613&idt=81&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280%2C475x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=EUFPVpzcyA&p=https%3A//sap.trackingresi.com&dtd=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

421b2b6503024831d0804a4dca8f0543559b2d4bcb377c967b02b2b027ea136a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:10:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320968
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125934
x-xss-protection: 0
last-modified: Mon, 17 May 2021 18:22:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 19:10:11 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 5534 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=12173733&adf=1690745966&pi=t.ma~as.4379732321&w=998&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578607&bpp=1&bdt=613&idt=81&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280%2C475x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=EUFPVpzcyA&p=https%3A//sap.trackingresi.com&dtd=83

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 12:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 12:16:47 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 1334 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 440161
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Mon, 16 May 2022 10:03:38 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 1334 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 10:13:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 7572
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Sat, 21 May 2022 10:13:27 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3F9F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

41ms
41ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnyoguK2ZM7GbmCGjvOjjzywA22_hf7wPzReqHl85IQ4Aa_p_zH8O9xii4u8AU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 21 May 2021 12:19:39 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 21-May-2021 13:19:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 21 May 2021 12:19:39 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 21 May 2021 12:19:39 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 zue3njNLpzxGAZrYILNRV_oDQoN1Bf4uoYDHWIdg9NQ.js Show response
pagead2.googlesyndication.com/bg/ Frame CFCC 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zue3njNLpzxGAZrYILNRV_oDQoN1Bf4uoYDHWIdg9NQ.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cee7b79e334ba73c46019ad820b35157fa0342837505fe2ea180c7588760f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 00:17:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 43316
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5790
x-xss-protection: 0
expires: Sat, 21 May 2022 00:17:43 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5534 0
331 B 766ms
266ms Ping
image/gif 2404:6800:4004:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~koyair94&c=1770331476106&slotId=885165738053&qqid=CNeT7pbh2vACFcmY3godoiQNoQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426&nsei=44714510%2C75259405%2C75259407%2C75259408%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210517_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:80e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 21 May 2021 12:19:39 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 5534 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 10:13:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 7571
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Sat, 21 May 2022 10:13:28 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 5534 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 21:15:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 313459
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 17 May 2022 21:15:20 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5534 0
20 B 14ms
14ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C-_kZWqWnYNf-K8mx-gaiybSICs6R1-ZizcX9yMsN2qrj7ZwkEAEg6ujyX2CVAqAB98-q0AHIAQWoAwHIA5sEqgTqAU_QV8-PnXTa4QmIqqIQcha7DUN5t1HFrqBejuYFBkfgh5cHJMdg6EZbwtLESRAOQB7S_1KDaNSn1mT0idKUi-5NndMR6OTWzfxSK194kvoeQO2rmgwPCCIV2iFg_w8zLQLaICRdJEnZQzFt5gx1LBCFnQonBrwjaHsd-mckaK4OAvpKSJHTC5QM5p6af3rkki_nsYc2AdUdtjlcCz_v1ObizIilyqpYIjzkr0bx13mCLY9MzDKnS-ec577wbHygZhLN2xwxOYxg3dMF3PbdjaS_svZSCdnoJeqA_oelCF9as16sMK1LPWX-AcAEsNS91MYD4AQDkAYBoAZOgAfxr9WvAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYH4AKAZgLAcgLAYAMAbATwrrLC9ATANgTCogUA9gUAdAVAYAXAQ&eventType=clickstring&clientTime=1621599579260&ai=C-_kZWqWnYNf-K8mx-gaiybSICs6R1-ZizcX9yMsN2qrj7ZwkEAEg6ujyX2CVAqAB98-q0AHIAQWoAwHIA5sEqgTqAU_QV8-PnXTa4QmIqqIQcha7DUN5t1HFrqBejuYFBkfgh5cHJMdg6EZbwtLESRAOQB7S_1KDaNSn1mT0idKUi-5NndMR6OTWzfxSK194kvoeQO2rmgwPCCIV2iFg_w8zLQLaICRdJEnZQzFt5gx1LBCFnQonBrwjaHsd-mckaK4OAvpKSJHTC5QM5p6af3rkki_nsYc2AdUdtjlcCz_v1ObizIilyqpYIjzkr0bx13mCLY9MzDKnS-ec577wbHygZhLN2xwxOYxg3dMF3PbdjaS_svZSCdnoJeqA_oelCF9as16sMK1LPWX-AcAEsNS91MYD4AQDkAYBoAZOgAfxr9WvAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYH4AKAZgLAcgLAYAMAbATwrrLC9ATANgTCogUA9gUAdAVAYAXAQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=12173733&adf=1690745966&pi=t.ma~as.4379732321&w=998&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578607&bpp=1&bdt=613&idt=81&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280%2C475x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=EUFPVpzcyA&p=https%3A//sap.trackingresi.com&dtd=83

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 12:19:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 5534 26 KB
13 KB 108ms
50ms XHR
text/xml 66.102.1.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Bsdhm5cnHPBlXr9iWpiFG3pAjdTOXqErrzzpNrx06al09Qb5n6okNmFU0JxtmJd_f2Zp3Zk_Ld2SYFeH2r0TFSgH0CTw&dbm_d=AKAmf-BHxahrSfsX52b7cEXZwWQrYzJqQMn5eYk5At0d08DET7N76nTVGOh9djMCG91oZiH3rqRju179jMKIk37A3M7tfC_MHSEfCepbCJjagNIZvlfWGXfIcSHsbVi-yqnIEjNNawCekS53nSBNz2_Z1CYlXP1pKanYZee5-CxtyvbJDYLUfGfvmQ5ec4HIFMiItJXvbjDppFWV5B7dZtQfl9rhfJcS7K0hG3NMUjxDrLkdLhijo18UmJd42YkJp9g8CEIp1cXUTuibAjab6NLDgCoHcd6pqJFjPERm60G9TRPjMMtP28n0YuSdNJTwZJq7I-6Eheep1uUVC73CzAyyJndCPLoLbPKdM4eYn6Dv1S0GRDTT-FeFLRhIL83ekeYx5uzoXHUBPKCqssY73wJ3COCLgHwIB19nlpumVgNn6s3_kpLeN3Ze-LlzbR_nTS_h49z7WFb3x2xiVGdih_dk_CquA8wvIkHFJuslgfn936xmG7YfQTJbUoYFcbVMO_LzBUXCkEwklYYT2LyBaBig6ClmYrV1WBUPpW65FT5XUe283b1jyWh6qZiefKjlDTFFiCsDY-6IE5jCpglqVgru6Wv27sboDCN92vGmLaQAXDZPHHWdn7inQYElzUewPqDktU0kftrpL9-d4NFE0Yo9ZkRL0wp9gT7fPbmRnczwFxcsp_jBAAqBv2bN01QaDXn75bZ3tKaUGHhOD1XMGRpX8BfqouQTMEXlt-CjSn7mEBd-IkGOi1r5fb7EXA_2PKCwTcvu_B8Np9GwBCg6vF3eiaXAA5eDMi_y3U8HcXGVvvstTcRVKsJIpknjJALEfl6QcAtBeL6-yoa_qoUEOc8oiU7UwM46bJKcShUNyss_kylo95ah0va6kbLQqVFcnrWKf1IptlYctPODETsYkzWfNso1QXFnA6UlO2c8cturjCBym8UrJ5IYtCLVtYhOCi-BILSPPIXAYI_X9yCFIoUDv4NzsMbd6ht8tBNKJxpXxBe8rig0SZvwTelaIOt_B8-Non15vvIWbZIt-TXbwc6-QuVvZfn27K2hGo5VsBwerHM0xNrNFMA50Xg9mS1G1Olw7THGRv546sKY7999M-_E4WVvE3UOIIOMKNsNhJ0sUFPb2iRIkJKSccQDI9dAkr4FHh4Vl4FtB14sUyGDJ5HJ8LfYw0qIL-azsBbwu1pFQd34rhPFzC4Y5oFCXGZfITCGGg28B0dD0ZFhdzXdBK_k71WeJqT3AZ-_PRQj4he1WHoP8NcIcgnc8csSbdcPc-EIfsuV5no_viUKbN7m3vk3fbhfsU2O3Kn18mD2pAu7HqyxRD3-2IMXjTYQfJMyThXiuWUOpPkJx3kURAtE4_wFcgWIMIQ7tJtARRYeAkQJPAoe4cMyvJ4H0ZzlqxlsKQfu_EEd48wayjhCgGkvXJEvKE6Jkv5P3PqIF_o4xrQGGHGKcrrIVtkl4FRWGI-YCCpzGyFJiVSGV26RiuxwdT3B0UxN8HU9lk81cc8_MWh8ZM3AhsUNeWh9QF56suF5gXAWjwJG21XEwLmcMimwIYvnJWeeOb5-4ujVQqv7LNUy8rKEJQnZZ4bltWEp4oXKZA1S46SmVK7G9aU4ayiSUFDcjmfLMVw3ZERBm0MwXjIn5Y03TqO16iNRtip18Hdi-RFr9tLy0E8xQfGS_S670j1As8_MXRigX5P2FslhNOoK8k8nWejW5vgQiEWYFiFRoG3u_kvUGxFimAuCK4up6rqwflRulnqqwJPIC0bC6cegsCo1sWNZLuUj-2ZpUNf4rix4QteQ-DMhRcc2zDr_bF1p9Lp1GELUdEx60KMTYn5J4TQCc0KRfCauRXhVm2H7R0bFGPJpBBgIImHgiKBaL_CmYipQC33RfL_KblzSDk8a9lAGQbR53ku4-vRig9Znpd-vatTd4mqLkOmMLCZRMEw4kLBNedyhpAtUmbJayEMS-1bCmgQ_iyZViHx7xh7PpuAlSvbSpC4zOE7Ulcjpt4Ew0gPB3knhBfo4yqpEmWLmwquIovu072uxQZJtoImVON_ZcokTWD_3ttwq6gRN8nDNHDdARZstOjIHjmj9vuGgZbfb8jKXKsg8IwWtlAq78Qey1x-TpZlXP4QonYTQaWbTw8kZsYpH0a-v0pUw_rTDEu8-XjKqaji4OWDdMVTZSQ37NFlV_BZC4D2W7ebT1J6itQ6XjSXM60rJ4gz1m4PoZq9H7v1q9IpOdurXdzG51jrK5U9PY1MBAoHhqkp11W809t_aGxwMi7-deiz7jRi1LXfFMDhsxnkWl4LGBZYu04fTiWMiMIX587k-P5sYhMGbnHSC8swQCn7yA0qfQ2rCB79OCWPvsc_4htd10ub8QvtaYGwzYRbSRJp9AvBFd9c8qyCmI53eL37nAn_8Pa3CPH3AkVzEJksRuP7Gr8LfCnYSlG7hGFT27lqufd5FJHvJBv7huC5SgwLiQ7DTfTtQypmQ_VWATz-EEQg_0I75toGkojJv2HV86RWa11Zocf0NBlBrIaE8gj_2cdaAx1BMDxcyroSyyxQMtP2YotGI_PHqOt4Z7ykiXY3qCJdZynsExtMMDtpq-Ft1r8NQh1lWAL8Bvy5CI7b5zZ32nf4QSGGqvhm0s_A990FJO0JrHVPON_oX9UkY1hwMGExKFYagzOKPZMbXwievoAaNhl7nc69RqkRdVSqQZr7g-KlUJ9iZ9CG3j1JGGBKWBTGugRx0b2ivGTPxijCUjElhronYvQIAK92pH_UVTRfWGJ9rwusb8zgF5ITRFDtx3lojajd0GlviUr4QafsdZXVJ434HnWYK-13zO8j4pXlLMGiMqGjVLtekB-hG58IzuvODijtRw6eXzOuQ2ZVn8cu3VbygFW3QN5annDLjI9E9IDqjQHAfGCHREmR65cZhgB4krfnYH8JSVUmJoC6svejjWg2H7T-BvU7TK7jxrAVtXXOSUVMT-Abfo3-QnIKAhmKvhwO6aoh94yPKBpw&cid=CAASBORoWXY&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210517_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f156.1e100.net

Software

cafe /

Resource Hash

fde518714138c4aac5db7d389fc31d4edfb73fd8c7c379aca4c122f5214456db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 12:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12753
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5534 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2O7kWqWnYNf-K8mx-gaiybSICs6R1-ZizcX9yMsN2qrj7ZwkEAEg6ujyX2CVAqAB98-q0AHIAQWoAwHIA5sEqgTnAU_QV8-PnXTa4QmIqqIQcha7DUN5t1HFrqBejuYFBkfgh5cHJMdg6EZbwtLESRAOQB7S_1KDaNSn1mT0idKUi-5NndMR6OTWzfxSK194kvoeQO2rmgwPCCIV2iFg_w8zLQLaICRdJEnZQzFt5gx1LBCFnQonBrwjaHsd-mckaK4OAvpKSJHTC5QM5p6af3rkki_nsYc2AdUdtjlcCz_v1ObizIilyqpYIjzkr0bx13mCLY9MzDKnS-ec577wbHygZhLN2xwxOYxg3dMFhPdHeDct0mTvpn_7hkzKc3_lhqc_LcfSrhx9JcAEsNS91MYD4AQDiAWjsLyNMJIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAH8a_VrwKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG9gHAPIHChCD8WkYkdmrpwHSCAkIgOGAEBABGB-ACgHICwGwE8K6ywvIE6_M7NwD0BMA2BMKiBQD2BQB0BUBgBcBshcaChgIABIUcHViLTM3OTk0MzQwNDY0MTY4NjA&sigh=DMsM-Cm6Y3A&cid=CAQSGwCNIrLMJ0vH6NKSj2oYbyrMZIjG0NSJHVIeiA&vt=10

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=12173733&adf=1690745966&pi=t.ma~as.4379732321&w=998&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578607&bpp=1&bdt=613&idt=81&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280%2C475x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=EUFPVpzcyA&p=https%3A//sap.trackingresi.com&dtd=83

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=12173733&adf=1690745966&pi=t.ma~as.4379732321&w=998&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578607&bpp=1&bdt=613&idt=81&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280%2C475x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=EUFPVpzcyA&p=https%3A//sap.trackingresi.com&dtd=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 21 May 2021 12:19:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5534 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc0a115e47f66dfe7ed31d3e3d0d52da6e946a3fb8a305025813eb2c29f4ade8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1334 0
20 B 14ms
13ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChYIASoSc3F1YXJlLXJkYS12YW5pbGxhCgoIAioGc2VydmVyCjEIBCotbXlzaWRpYV9hbmFseXRpY3NfZXhwMyxkaXNhYmxlX2h5YnJpZF93cmFwcGVyCgcIBioDMjAwCg0QAyEAAMhwPWB6QDAECg0QCiEAAADY4Hr8PzAECg0QDSEAAAAAtpmZPzAECg0QHioHNDc1eDI4MDAECg0QGSoHNDc1eDI4MDAECg0QDiEAAAAArXqUPzAECg0QECEAAAAAwG7ZQDAECg0QESEAAAAAgGfJQDAECg0QEiEAAAAAAAAQQDAECg0QEyEAAAAAAAAAQDAECg0QBCEAAMwdhY96QDAECg0QDyEAAAAAQriOPzAECg0QFCEAAAAAgLjKQDAECg0QFSEAAAAAAAAYQDAECg0QFiEAAAAAAAAIQDAECg0QBSEAACyF65N6QDAECg0QFyEAANgdhfl8QDAECg0QGCEAAIh6FGB_QDAEEhpDTW5lN1piaDJ2QUNGVmkzZXdvZHpYOE0tZyIQdGV4dC92YW5pbGxhX3JkYSgD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/206e6be5a1eb8d32b9a41c146f639315.js?tag=pingback

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 21 May 2021 12:19:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 5534 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210517_RC00/outstream.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 19:21:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320316
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 19:21:03 GMT

HEAD
H/1.1

200
OK

file.webm
r4---sn-4g5e6nl6.c.2mdn.net/videoplayback/id/29207052315c0653/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764274735/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mi... Frame 5534
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/29207052315c0653/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764274735/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sign...
https://r4---sn-4g5e6nl6.c.2mdn.net/videoplayback/id/29207052315c0653/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764274735/sparams/acao,ctier,expire,id,ip,ipbits,it...

0
0

21ms
6ms

Fetch
video/webm

2a00:1450:4001:56::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nl6.c.2mdn.net/videoplayback/id/29207052315c0653/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764274735/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/33279F0022933E5106D3055F6E1E6A069ED7AC25.3D70DDDEBAF188D0E8E5C1014FF55927D1A5CB19/key/cms1/cms_redirect/yes/mh/Ol/mip/2a01:4f8:121:131a::2/mm/42/mn/sn-4g5e6nl6/ms/onc/mt/1621599152/mv/m/mvi/4/pl/44/file/file.webm

Requested by

Host: sap.trackingresi.com
URL: https://sap.trackingresi.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:56::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 21 May 2021 12:19:39 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1984856
Last-Modified: Fri, 30 Apr 2021 23:52:13 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 21 May 2021 12:19:39 GMT

Redirect headers

date: Fri, 21 May 2021 12:19:39 GMT
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 652
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r4---sn-4g5e6nl6.c.2mdn.net/videoplayback/id/29207052315c0653/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764274735/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/33279F0022933E5106D3055F6E1E6A069ED7AC25.3D70DDDEBAF188D0E8E5C1014FF55927D1A5CB19/key/cms1/cms_redirect/yes/mh/Ol/mip/2a01:4f8:121:131a::2/mm/42/mn/sn-4g5e6nl6/ms/onc/mt/1621599152/mv/m/mvi/4/pl/44/file/file.webm
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 73F4 23 KB
9 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/H0ZEmIz7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8727
date: Mon, 17 May 2021 19:21:04 GMT
expires: Tue, 17 May 2022 19:21:04 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 320315
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 NEBu3pajZdeXNrzBMTKKpDrnjihkyh5N8uMAWlauysY.js Show response
pagead2.googlesyndication.com/bg/ Frame 73F4 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/NEBu3pajZdeXNrzBMTKKpDrnjihkyh5N8uMAWlauysY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34406ede96a365d79736bcc131328aa43ae78e2864ca1e4df2e3005a56aecac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 17:34:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 67513
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5770
x-xss-protection: 0
expires: Fri, 20 May 2022 17:34:26 GMT

GET
H3-29 200 file.webm Show response
r4---sn-4g5e6nl6.c.2mdn.net/videoplayback/id/29207052315c0653/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3764274735/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mi... Frame 5534 342 KB
342 KB 14ms
6ms XHR
video/webm 2a00:1450:4001:56::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210517_RC00/outstream.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:56::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f1368b23cb0af105db798d570234d499b4618c888f4aa324d062095eb0b55f49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 12:19:39 GMT
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 350000
client-protocol: quic
last-modified: Fri, 30 Apr 2021 23:52:13 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 21 May 2021 12:19:39 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 73F4 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BujmSW6WnYOaiFZTensEPnPGowAoAAAAAOAHgBAI&bg=!BgWlBUHNAAZ7hX_Ue4U7ACkAdvg8WpS1nvLppGKVBvRY4pUlyKeYtV8NrRC2p7Ro6tpTEFne-Q_LJwIAAABRUgAAAAhoAQcKAEO880CS0XUOPqnpdI29g0UPZ2wqaiUE7NDuij3-cpobbJT6tNolsRb5g9-jtkM9Ew-Df7zv38O2ZiN8p7NPH9bdkLXrmQJ0MIs1bHdJfFXidbL0FuFFgtjPcZfPfSx8s5sV6K2uZKNs8xOJvF0a5g61sM186honJwlQncENX2Qa1e5hLtYU9d_uw_cq8WdRnYw0r0yg9CpmrUBIu1j-6V7ThPrykEDqP0vpVV27V0FNFBGjTqY9EX_p_Ob7P0rIegoNb9nAVOc5jt92yUbTKkkWatLljj8LqDdiW9MMSc2bUbWnb9AdXJPEYGVQRHMjLgmOFGZbIV9PT7c46-uqMl5QRsjYMfymZtyL3arEqGCq_1t9OXXhzNLxjit8Ib-Qhm0RxGzkWmlzEwKJcWkD7jY3JcOMH4ZdfTUmiHorlBNHjbeShjBJvgv9lmaBNtbYTmogPbPkOcaazQC87vCfHWKdXME73Cire22ddRKooxhUnMH1WoH7Lyn1w1VIeiNSnibWcTT3m_osUwoZhpu1svoCjbeVtgeil8TPrwWzixHOG0h8gaGxptmPnpRa7q2Lt2qtKJaP9s23AMWg_D_WBKoHf8W1y2TuaGEVS8kjvdWMjBoC0AlBDKxezw2Jk40B7FP-PzG2SZEQ6yXTk0IbpDFVRDIrt2jgY8eC_MfCcsQoCCledALLYbBZDL78LGc-WJx_XveLscBhrFjic_UuuI5gGPgvpcjX9rERpA7arj5UmmBJwvt9AscEP3EazAnlyMdHKm0Z8YOsx6S_RZHMM2svn0Z8imwo79G4NcKfSHRbV1_9cTbfoHebJOiSTJsVptWlS9tX9MWSlML90I5N74Dh4_ghhoiwD2-Yjje20EhMUsa43V_9mlZPnaAg86rn6TPVpwHXrH7Yxyx6GMxQwhL9I15POyVxR4Ig2Q

Requested by

Host: sap.trackingresi.com
URL: https://sap.trackingresi.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 12:19:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ssrh.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9D40 84 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2072968987&adf=996599397&pi=t.ma~as.4379732321&w=460&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=460x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578606&bpp=1&bdt=611&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=311&ady=910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YFOEc6RtE7&p=https%3A//sap.trackingresi.com&dtd=74

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 23:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30063
x-xss-protection: 0
server: cafe
etag: 16132151104434394549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 21 May 2021 23:29:20 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 9D40 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2072968987&adf=996599397&pi=t.ma~as.4379732321&w=460&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=460x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578606&bpp=1&bdt=611&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=311&ady=910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YFOEc6RtE7&p=https%3A//sap.trackingresi.com&dtd=74

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 12:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7009
x-xss-protection: 0
server: cafe
etag: 607056201285360291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 12:06:04 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 9D40 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2072968987&adf=996599397&pi=t.ma~as.4379732321&w=460&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=460x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578606&bpp=1&bdt=611&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=311&ady=910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YFOEc6RtE7&p=https%3A//sap.trackingresi.com&dtd=74

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 12:16:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 12:16:26 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9D40 118 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2072968987&adf=996599397&pi=t.ma~as.4379732321&w=460&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=460x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578606&bpp=1&bdt=611&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=311&ady=910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YFOEc6RtE7&p=https%3A//sap.trackingresi.com&dtd=74

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 12:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621424119306032"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36804
x-xss-protection: 0
expires: Fri, 21 May 2021 12:19:39 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 9D40 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2072968987&adf=996599397&pi=t.ma~as.4379732321&w=460&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=460x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578606&bpp=1&bdt=611&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=311&ady=910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YFOEc6RtE7&p=https%3A//sap.trackingresi.com&dtd=74

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 12:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Jun 2021 12:16:47 GMT

GET
H2 200 3957150659775619439_4008853273898286633.gif
static.doubleclick.net/dynamic/5/50115700/ Frame 9D40 2 KB
2 KB 7ms
6ms Image
image/gif 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/50115700/3957150659775619439_4008853273898286633.gif

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2072968987&adf=996599397&pi=t.ma~as.4379732321&w=460&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=460x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578606&bpp=1&bdt=611&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=311&ady=910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YFOEc6RtE7&p=https%3A//sap.trackingresi.com&dtd=74

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

598f19ff95f77d55eb615db231d4807332f12bcd7920369a2266a4dc740191b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 08:35:02 GMT
x-content-type-options: nosniff
last-modified: Sat, 15 May 2021 13:38:34 GMT
server: sffe
age: 272677
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1596
x-xss-protection: 0
expires: Wed, 18 May 2022 08:35:02 GMT

GET
H2 200 10972231072244707393_8197585141179877147.gif
static.doubleclick.net/dynamic/5/50115700/ Frame 9D40 4 KB
4 KB 7ms
6ms Image
image/gif 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/50115700/10972231072244707393_8197585141179877147.gif

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2072968987&adf=996599397&pi=t.ma~as.4379732321&w=460&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=460x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578606&bpp=1&bdt=611&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=311&ady=910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YFOEc6RtE7&p=https%3A//sap.trackingresi.com&dtd=74

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe6e7768e721148a78c2b81c085f7a712870ce007d7b5c38bfeee0fde8d1f1a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 13:04:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 13:33:14 GMT
server: sffe
age: 602110
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4241
x-xss-protection: 0
expires: Sat, 14 May 2022 13:04:29 GMT

GET
H3-29 200 6908947609828019434
tpc.googlesyndication.com/simgad/ Frame 9D40 29 KB
29 KB 7ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6908947609828019434

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2072968987&adf=996599397&pi=t.ma~as.4379732321&w=460&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=460x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578606&bpp=1&bdt=611&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=311&ady=910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YFOEc6RtE7&p=https%3A//sap.trackingresi.com&dtd=74

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96ab8cc4f3a7cd925e86b72b10530fc8c427bd053c1a1c858f08d53bc346f592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 23:31:48 GMT
x-content-type-options: nosniff
age: 305271
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29464
x-xss-protection: 0
last-modified: Mon, 17 Dec 2018 09:53:25 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 23:31:48 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9D40 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvANjWqWnYL2pK4OL7gOmrZaQAvGLu-JinuCTyb8KjbHApucWEAEg6ujyX2CVAqAB1ZT-xwPIAQmpAuN2vjSvf7Q-qAMByAPLBKoEywFP0NhnaUTyejHEv_JrG9ZAfKfhDcnAz1RQdR0vSKjIr8Or41AdmaT_6GkK5NTG7ZIAmmRNMuxZvTSkfOu_WMyhOso0UtFXgm9X56_blRCZlvIq2_XdcKnmIR7lBZCtK56ywKj6-qQj1M83k7aAJZgM7IVvWYeDrYNYXVNFXRssTi7Ah3bue_-OIgZ0xEfYmllh3NDUQM4RIZ1EmqOslu4pCe02IcYMfrkCJE1K8J1aS11oZ1VBuLLi4ad3HuShuJKKvz_2vcgeTWmKj8AEz8vCyYACkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7y_qS6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJ6bBtIICQiA4YAQEAEYH4AKAcgLAdgTC4gUAdAVAZgWAYAXAbIXGgoYCAASFHB1Yi0zNzk5NDM0MDQ2NDE2ODYw&sigh=MM30XTYrrTM&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2072968987&adf=996599397&pi=t.ma~as.4379732321&w=460&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=460x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578606&bpp=1&bdt=611&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=311&ady=910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YFOEc6RtE7&p=https%3A//sap.trackingresi.com&dtd=74

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2072968987&adf=996599397&pi=t.ma~as.4379732321&w=460&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=460x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578606&bpp=1&bdt=611&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=311&ady=910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YFOEc6RtE7&p=https%3A//sap.trackingresi.com&dtd=74
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 21 May 2021 12:19:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7AEC 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2072968987&adf=996599397&pi=t.ma~as.4379732321&w=460&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=460x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578606&bpp=1&bdt=611&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=311&ady=910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YFOEc6RtE7&p=https%3A//sap.trackingresi.com&dtd=74

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2072968987&adf=996599397&pi=t.ma~as.4379732321&w=460&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=460x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578606&bpp=1&bdt=611&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=311&ady=910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YFOEc6RtE7&p=https%3A//sap.trackingresi.com&dtd=74
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnyoguK2ZM7GbmCGjvOjjzywA22_hf7wPzReqHl85IQ4Aa_p_zH8O9xii4u8AU; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2072968987&adf=996599397&pi=t.ma~as.4379732321&w=460&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=460x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578606&bpp=1&bdt=611&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=311&ady=910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YFOEc6RtE7&p=https%3A//sap.trackingresi.com&dtd=74

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 21 May 2021 11:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1349
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9D40 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb10af24ae849c7aa0dd34cb514d5d89f6237132b7bd5bc6cf165d01ec55c8a9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
7 KB 32ms
19ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210517&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0558e011e4d803499fedd196ee4d9805fe969f55f156c2c6cdc9c3be72641f5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sap.trackingresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 21 May 2021 12:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7656
x-xss-protection: 0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7AEC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2072968987&adf=996599397&pi=t.ma~as.4379732321&w=460&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=460x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578606&bpp=1&bdt=611&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=311&ady=910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YFOEc6RtE7&p=https%3A//sap.trackingresi.com&dtd=74

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnyoguK2ZM7GbmCGjvOjjzywA22_hf7wPzReqHl85IQ4Aa_p_zH8O9xii4u8AU; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 21 May 2021 12:19:39 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 21-May-2021 13:19:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 21 May 2021 12:19:39 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 21 May 2021 12:19:39 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 zue3njNLpzxGAZrYILNRV_oDQoN1Bf4uoYDHWIdg9NQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F4B 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zue3njNLpzxGAZrYILNRV_oDQoN1Bf4uoYDHWIdg9NQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2072968987&adf=996599397&pi=t.ma~as.4379732321&w=460&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=460x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578606&bpp=1&bdt=611&idt=71&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=311&ady=910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YFOEc6RtE7&p=https%3A//sap.trackingresi.com&dtd=74

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cee7b79e334ba73c46019ad820b35157fa0342837505fe2ea180c7588760f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 00:17:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 43316
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5790
x-xss-protection: 0
expires: Sat, 21 May 2022 00:17:43 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sap.trackingresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 12:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 21 May 2021 12:19:39 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 09EC 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sap.trackingresi.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sap.trackingresi.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 21 May 2021 11:50:54 GMT
expires: Sat, 21 May 2022 11:50:54 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1725
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 zue3njNLpzxGAZrYILNRV_oDQoN1Bf4uoYDHWIdg9NQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 09EC 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zue3njNLpzxGAZrYILNRV_oDQoN1Bf4uoYDHWIdg9NQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cee7b79e334ba73c46019ad820b35157fa0342837505fe2ea180c7588760f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 00:17:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 43316
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5790
x-xss-protection: 0
expires: Sat, 21 May 2022 00:17:43 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210517&jk=3612378438075647&bg=!AAOlA0fNAAZ7hX_Ue4U7ACkAdvg8WkwM4sUfOT01B4409gvcXlpn-ppTr6T5FekGBYajeKEVogK6NgIAAAA_UgAAAAhoAQcKAI5Oy9jJgp45FatEVw5gz9ZgTpCOgRx9BkR1zV3czVNUapQOutBlWWZkHRvCN1hwxRp_-LrxL0yihNiUkYa5Hgekw1vK50Z78REKXFwC6EGNzaoqZW2lj7Pf3cqBICLhedPzjBJrv_wOICOZSTCwGp5ti21LkXviUMNt822_0vkfPmSKA27-l25soE_FfkWwmQJAlWCAZgQ9rZJ3Z2ea2ni7u2BmFWdrP62U_RZ5Xwdc3DMXBqwQYPoFsYo8iQvDI7U0lLFCpAcQIyY4rbzkp6gIzKsWapjEPKh8IRGTL6Q2vI_PuLmAQ2DQT87VNyvWI4qpukOvCSFLGmG8uOl-TUpRCBrRp1ojYW6-6TOm8z6mWAUc7eTznfiwEPmVJl8piebtLeVez2ZlBOV-H5x0aaH2obqiVFQrlAqOTN3COwANlky7fZn_fok9PxRNfFdY-vOzBzTsjBh6lEGLDXAd_bvZQCIxh4suHPS0j-MzATwX1XvsNrDHTw6mAO62_qGfy93yVneCUFV6YLlysHfGFdvZ4X9Go2Rp--224o2UUQdXmqSLPe-2dY4Bb_qJ39RAYeDjxvN8gxrCFG8xXer2a5xHtxIIejJ6fNGh6kmwT3KrqwN70DwfgtjIREuMzzbENCQH7gg6_HlvSJh9Bf-EKy-pTKBXvp7jcEFfvYQhSySWU0aASgzDEK4DjHNspDjq9-5tPZwCaTDsY-nXyafTfRiqmcDd4op-_56YUxrs1ibQa-_0zP1MT-2t6J7Fl7xwp7oJ8yCM3QkTxAPakbdAVyYa4ORxBqzNxt-1Dd-mj-POln4SGmiGYC-y5dxpCFpJnR7J5sSKNqCDM3Q_hDrMPYSjXyrYbPdXlfp3_comlZU8emdJbgb5PEODyA0qct-T5EIJrgVQqD9Wjsx_Wr9FOU2z2FWQcLEzONEbCuCQkbeKwRS_vS5S6TKvUr0jlrFqq9Te

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sap.trackingresi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 12:19:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1334 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8Y6RWqWnYMnJK9ju7gPN_7HQD-LUl-hikfaw7e4NChABIOro8l9glQKgAcHUwbQByAEBqQLjdr40r3-0PqgDAaoE0AFP0B6HcM1C04v_KI_vZ1sNbhyJl7Z4neZmklUQ4aZxpcJ1KB1yiRqLqwnOV1lN-2OANTjU5PbE04K82j5kuucO3ZE5oPx9VwxF4Kkv_9hLFnunjjkRBcqNsCVldPihgLKFJCovskeqENRq9nbTx1KNkA6c2hmoeaooAAUzz9Cww3IKnSiKwX-DJag0mwlIv6EI5S99r7AHI29wlv4uMKtjzfJFPYKms5hhHLgb459-sMtVcHWb5VOJdFdhIiuo73FSicRnYaHl6JfHvd96blyTwASghuOuzgOAB6ervssCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEMn4A9IICQiA4YAQEAEYH4AKAcgLAdgTA4gUA9AVAYAXAbIXGgoYCAASFHB1Yi0zNzk5NDM0MDQ2NDE2ODYw&sigh=3lZPFj6-WSs&vt=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3799434046416860&output=html&h=280&slotname=4379732321&adk=2372033063&adf=2488844052&pi=t.ma~as.4379732321&w=475&fwrn=4&fwrnh=100&lmt=1621599578&rafmt=1&psa=0&format=475x280&url=https%3A%2F%2Fsap.trackingresi.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621599578607&bpp=1&bdt=612&idt=76&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C998x280%2C460x280&correlator=1729969130723&frm=20&pv=1&ga_vid=904924544.1621599579&ga_sid=1621599579&ga_hid=611261352&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=791&ady=923&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060972%2C31060973%2C31060840%2C44743002&oid=3&pvsid=3612378438075647&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ykZBnGEtgF&p=https%3A//sap.trackingresi.com&dtd=77
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 21 May 2021 12:19:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1334 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswKQk1nX7OYSdp5WtGm2RTf-dJY5aBxl7nxr4BnJKJHwebyDr0hX258FY1YxemwmL_NmVzhuUsS35n6IuUT9TVBciuRLjfIlpkks7ADOxZsi668T6WGV9lfob-ug&sai=AMfl-YSodqjxDFvZJG5dPWti1l1Ny-NDlFb9gfMDp_elf46mcb3pWguJh9tuL7mH3RwV-31G91-ecYMUXBp-&sig=Cg0ArKJSzHa44zLkhV4wEAE&id=lidar2&mcvt=1000&p=923,791,1203,1266&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210519&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=22&adk=2372033063&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621599578686&dlt=377&rpt=34&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 12:19:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame 5534 0
17 B 530ms
266ms Ping
image/gif 2404:6800:4004:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~koyair9a&c=1770331476106&slotId=885165738053&qqid=CNeT7pbh2vACFcmY3godoiQNoQ&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=869&mt=video%2Fwebm&vs=1280x720&ulv=1&cll=0&vmfc=18&vhc=0&msm=1&aits=17%2C36%2C18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C45%2C46%2C0&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=45&vsrc=doubleclick_dmm&ple=1&ape=1&umsem=1&met.4=msms_oso.mr~lvlcl.ny&msms_mime0=video%2Fwebm%3B%20codecs%3D%22vp8%2C%20vorbis%22&msms_cs0=350000&msms_ns=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210517_RC00/outstream.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:80e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 21 May 2021 12:19:40 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9D40 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFM_enfoyRNMB_jwKivNAKaogxtjnoehrCfK9wI3WkD5Zs-42G9uSFo8bY8weUyRALuVPCQQngf41OKw4rWV6Pl683m1Rfp3Sd9YXCHcR8ogDGlQaptCZVzI59Yg&sai=AMfl-YSUvSvXLNHgqdqJbLBXe4Jhf97L_da4dtFfmEoVzP0h0B8r2nJ3s6Yfh2GOUcMLdoURK-34A0v5ovVO&sig=Cg0ArKJSzMBRw7jtS_WkEAE&id=lidar2&mcvt=1000&p=910,311,1190,771&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210519&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=21&adk=2072968987&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621599578682&dlt=873&rpt=36&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 May 2021 12:19:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 18:26:40	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-19 18:26:43	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 03:48:15	Name: IDE Value: AHWqTUnyoguK2ZM7GbmCGjvOjjzywA22_hf7wPzReqHl85IQ4Aa_p_zH8O9xii4u8AU
.trackingresi.com/	1970-01-20 03:48:15	Name: __gads Value: ID=b4ca52473f232af7-220ff7af45c8007b:T=1621599578:RT=1621599578:S=ALNI_MbhnyW2luvzW4gdLZEQmuUeICKGoQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
bid.g.doubleclick.net
cdnjs.cloudflare.com
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
r4---sn-4g5e6nl6.c.2mdn.net
sap.trackingresi.com
static.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
128.199.93.51
172.217.23.98
2404:6800:4004:80e::2003
2606:4700::6810:125e
2a00:1450:4001:56::a
2a00:1450:4001:800::200a
2a00:1450:4001:801::2002
2a00:1450:4001:802::2004
2a00:1450:4001:808::2002
2a00:1450:4001:808::200a
2a00:1450:4001:809::2006
2a00:1450:4001:810::2003
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
66.102.1.156
00535b5b597302e2749d3c2671f53ac61d0ba3b3e1a6624e6235ce18811b514b
0558e011e4d803499fedd196ee4d9805fe969f55f156c2c6cdc9c3be72641f5f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2285655e0a85399c38e23d4dc3d48a0057857faa7959bca63b24d7fde79dc813
2f8135f4e2080aec7c05e37b9c8605ddb4cd696efafe62a57353fe144d573803
34406ede96a365d79736bcc131328aa43ae78e2864ca1e4df2e3005a56aecac6
38f87be3b4597fc42b808be89c102852102b4146bac27fab4c39b4c1bd1ba790
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782
3ae4acee7502a40fe0c4bcd8d62e5d0d09295386ca1d16ff068a380569a9504e
3b9cfeac7f75587282f065912c9b7da48ed827c05e871bf2dc405518d712e6d8
421b2b6503024831d0804a4dca8f0543559b2d4bcb377c967b02b2b027ea136a
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
54ebb0e779b6407186430ed0813c634c68376f244ffa156426cb436e88261283
598f19ff95f77d55eb615db231d4807332f12bcd7920369a2266a4dc740191b2
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74406c3c8733906943721961d853e646f93f4810484fe476e8512247b52cf181
7536951a28b4722de009d6716528cf77679e5c5730ec263fa20eb2972b26ef76
7728e8ad442a2784b3d3c61ee1870ffb6ec65437ec88bc347bbc7b01bb969865
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
81dc030325da7936333409e93229e0bd0d9a7ea862bbc524ab126a2f6b70b9c0
83ab1b34aedd181b8ad765bc647a5bc62f31511ee8fd57f4d7edca334c46e14c
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
96ab8cc4f3a7cd925e86b72b10530fc8c427bd053c1a1c858f08d53bc346f592
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa80c4b2c5352851ad79a0641dca5435fcc36a204ca765c6ad8e6468335e6126
ba23959957d961e0c4527a769b2249a6f37e247c1da3412d2eb5c9060062d535
c3829a849ae60bda33939fde66c4295bb0b4ff6a6c3475ff0b517f314eb83531
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cee7b79e334ba73c46019ad820b35157fa0342837505fe2ea180c7588760f4d4
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
ded6e23000b63bd61110fcff0f57db866f7caf1cae805502e01c3a65ed60a972
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec0fc32fda7a933c1f82148b7201729627deeb7860802c65366a202925601bb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1368b23cb0af105db798d570234d499b4618c888f4aa324d062095eb0b55f49
f2a372bba83817a407f805230bc2f6bedcb268bb9eada4cbaf9ff740f3895e1c
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
fb10af24ae849c7aa0dd34cb514d5d89f6237132b7bd5bc6cf165d01ec55c8a9
fc0a115e47f66dfe7ed31d3e3d0d52da6e946a3fb8a305025813eb2c29f4ade8
fde518714138c4aac5db7d389fc31d4edfb73fd8c7c379aca4c122f5214456db
fe6e7768e721148a78c2b81c085f7a712870ce007d7b5c38bfeee0fde8d1f1a5

sap.trackingresi.com Open in urlscan Pro 128.199.93.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

78 Requests

100 %HTTPS

84 %IPv6

11 Domains

20 Subdomains

18 IPs

4 Countries

1188 kBTransfer

2427 kBSize

4 Cookies

1 Outgoing links

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sap.trackingresi.com Open in urlscan Pro
128.199.93.51 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

100 %
HTTPS

84 %
IPv6

11
Domains

20
Subdomains

18
IPs

4
Countries

1188 kB
Transfer

2427 kB
Size

4
Cookies

78 HTTP transactions
3 data transactions