rate.ee Open in urlscan Pro
212.7.8.176 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rate.ee/l/f9aa724959/231024/2289929/guessme::guess:::game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxL...
Effective URL:
https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=...
Submission: On September 25 via manual (September 25th 2023, 7:53:59 am UTC) from EE — Scanned from DE

Summary HTTP 134 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 15 domains to perform 134 HTTP transactions. The main IP is 212.7.8.176, located in Estonia and belongs to Infonet, EE. The main domain is rate.ee.
TLS certificate: Issued by R3 on September 17th 2023. Valid for: 3 months.

This is the only time rate.ee was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	212.7.8.176 212.7.8.176	8728 (Infonet) (Infonet)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	13.32.99.51 13.32.99.51	16509 (AMAZON-02) (AMAZON-02)
5	2001:1b28:4::... 2001:1b28:4::8:176	8728 (Infonet) (Infonet)
1 1	18.202.104.29 18.202.104.29	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.54 143.204.215.54	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
5 15	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:d400:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.120.109.48 3.120.109.48	16509 (AMAZON-02) (AMAZON-02)
1 3	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
36	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
10	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
134	23

11 212.7.8.176 (Estonia) 1 redirects

ASN8728 (Infonet, EE)

rate.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.51 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-51.fra60.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:1b28:4::8:176 (Estonia)

ASN8728 (Infonet, EE)

www.flirtic.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rate.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.104.29 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-104-29.eu-west-1.compute.amazonaws.com

payment.maksekeskus.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.54 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-54.fra53.r.cloudfront.net

static.cc.maksekeskus.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:d400:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.109.48 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-109-48.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	623 KB
17	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 stats.g.doubleclick.net — Cisco Umbrella Rank: 175	210 KB
15	rate.ee 1 redirects rate.ee	422 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com	211 KB
11	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368 www.googleadservices.com — Cisco Umbrella Rank: 178	597 B
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	7 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	341 KB
4	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2225 www.google.com — Cisco Umbrella Rank: 11	1 KB
3	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 5575 buttons-config.sharethis.com — Cisco Umbrella Rank: 6495 l.sharethis.com — Cisco Umbrella Rank: 6038	47 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3974	515 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	87 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
2	maksekeskus.ee 1 redirects payment.maksekeskus.ee static.cc.maksekeskus.ee	14 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	147 KB
1	flirtic.ee www.flirtic.ee	2 KB
134	15

	Domain	Requested by
36	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
19	pagead2.googlesyndication.com	rate.ee pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
15	googleads.g.doubleclick.net	5 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
15	rate.ee	1 redirects rate.ee
10	www.googleadservices.com	rate.ee
10	www.gstatic.com	googleads.g.doubleclick.net
7	fonts.googleapis.com	googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google.com	1 redirects rate.ee tpc.googlesyndication.com
2	www.google.de	rate.ee
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	rate.ee connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	rate.ee www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	region1.analytics.google.com	www.googletagmanager.com
1	static.cc.maksekeskus.ee	rate.ee
1	payment.maksekeskus.ee	1 redirects
1	www.flirtic.ee	rate.ee
1	platform-api.sharethis.com	rate.ee
134	23

This site contains links to these domains. Also see Links.

Domain
uudis.net

Subject Issuer	Validity	Valid
www.rate.ee R3	`2023-09-17` - `2023-12-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-20` - `2024-06-17`	a year	crt.sh
www.flirtic.ee R3	`2023-09-10` - `2023-12-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-07` - `2023-10-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm
Frame ID: 41C19E58B71A0A5FE5F1310C50C80F79
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/zrt_lookup.html
Frame ID: B793D23C4B335F57F126F3071B6A9EA2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6293444282661283&output=html&adk=1812271804&adf=3025194257&lmt=1695621234&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Frate.ee%2Fguessme%2Fguess%3Fgame_id%3D475518161%26str%3DMTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM%3D%26hash%3D54800%26mst%3D3ec--2289929--gsm&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695628433952&bpp=157&bdt=144&idt=410&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5043394336544&frm=20&pv=2&ga_vid=50141772.1695628434&ga_sid=1695628434&ga_hid=2131311476&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44795921&oid=2&pvsid=578727401975580&tmod=209745583&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=433
Frame ID: DCAB4471B1F8A232EAA939785D122B29
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6293444282661283&output=html&h=90&slotname=6088921234&adk=234467127&adf=2725398064&pi=t.ma~as.6088921234&w=728&lmt=1695621234&format=728x90&url=https%3A%2F%2Frate.ee%2Fguessme%2Fguess%3Fgame_id%3D475518161%26str%3DMTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM%3D%26hash%3D54800%26mst%3D3ec--2289929--gsm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695628434111&bpp=12&bdt=304&idt=279&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5043394336544&frm=20&pv=1&ga_vid=50141772.1695628434&ga_sid=1695628434&ga_hid=2131311476&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=356&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44795921&oid=2&pvsid=578727401975580&tmod=209745583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rW6tuXT9IL&p=https%3A//rate.ee&dtd=285
Frame ID: 00BE398FE005D0100F545D0BA6451897
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6293444282661283&output=html&h=600&slotname=2047999216&adk=1610738455&adf=2555147040&pi=t.ma~as.2047999216&w=120&lmt=1695621234&format=120x600&url=https%3A%2F%2Frate.ee%2Fguessme%2Fguess%3Fgame_id%3D475518161%26str%3DMTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM%3D%26hash%3D54800%26mst%3D3ec--2289929--gsm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695628434132&bpp=13&bdt=325&idt=269&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5043394336544&frm=20&pv=1&ga_vid=50141772.1695628434&ga_sid=1695628434&ga_hid=2131311476&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1172&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44795921&oid=2&pvsid=578727401975580&tmod=209745583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=4FQTZ5zDPo&p=https%3A//rate.ee&dtd=271
Frame ID: 69E865C12F4F935A58E288CF9CBFCBC5
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js
Frame ID: D6E79AAB46DB4C9DB32E6270AE98DA33
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2D3DAE34EF7DD1C4FAF10527BCD4A7F5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js
Frame ID: AF397176F481E698618024424E176664
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4DAE7DDB2513598445CB02E4D44FA9C6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D4DC0146B37A8F7D7408D08FB9C56684
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1
Frame ID: 75093991638DFEA3D19D63A8BA185DB4
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1
Frame ID: DF73754E5797ED435531DB14A1A4A40F
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2F58AD50B2C8D98D1F93234369CE2759
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1
Frame ID: 189F341381F1067A51228DD1678B6A9F
Requests: 14 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/2ab36c0d951b69d9c04f85f5eb613648.js?tag=client_fast_engine_2019
Frame ID: D77DA89863EF1FAFA9963D5E28165620
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js
Frame ID: 3E02EBFE823B8F006BA93B545C7E40EB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js
Frame ID: A03131E426CD5C6F8B5891B39E7FB873
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js
Frame ID: CB4F13D49E4986947F4DDDB79C78D19A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js
Frame ID: C95E6A8A9B59F6F31548A21E680D6CCB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mäng "Vali mind" :: Rate.ee

Page URL History Show full URLs

https://rate.ee/l/f9aa724959/231024/2289929/guessme::guess:::game_id=475518161&str=MTAzMzU5N... HTTP 302
https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAu... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

134
Requests

96 %
HTTPS

74 %
IPv6

15
Domains

23
Subdomains

23
IPs

5
Countries

2132 kB
Transfer

6447 kB
Size

17
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://uudis.net/?utm_source=rate&utm_campaign=rate_footer&utm_medium=footer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rate.ee/l/f9aa724959/231024/2289929/guessme::guess:::game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM%3D&hash=54800&mst=3ec--2289929--gsm HTTP 302
https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://payment.maksekeskus.ee/checkout/dist/checkout.min.js HTTP 301
https://static.cc.maksekeskus.ee/checkout/dist/checkout.min.js

Request Chain 51

https://googleads.g.doubleclick.net/pagead/adview?ai=CkCKnkjwRZfDaGpad78EPzOue-A7c9eaPc9m7_pLJEebm_6ucMhABINXzlBxglfrwgYwHoAHwvcb2A8gBCakCYTFGH3HfsT6oAwHIA8sEqgTxAk_QQIJ2jgVPrTXk_DdSkN-0kCmvcmKw76UzNUGJ4sgvIAaWSGknPbWOJEiZLveEA7LfrbsdQqOowGSRPaw6WugGCWZBZMiN_g70EtUaLCRVIJQlTs2mO84qHBT5Enq3kD_L8kGgwYrlY2VUCL9dnxHWPFxGh4MYilP6KJmIXYZZNNjF2MvDLAekqgYrD_fO_I5j0QZH9rq7_8p0CB0mJ4h9mPqULxxo5CHT9TzT5xBpbRViUDzJWwixQMCYBpACTZILGVkXk3P4qE0wRyOGwJnGGTnxzGFG5JAmePtjD7RxJNwXN8VMh1xMs9H5WtUvsq42k7PdCAo-41tTrpaly9IOqW5EUAaEIwKVdZ6Q3uvCKB3kSXk6f3X0khqNnZstPVsWtdduVWY87vUe5-9RkqTTJXhPvPTvItW2NJTsZ83Rk3qw93z6jh75ztBTRW84S-twnCqBnoKret_O3e2Gj_l5px_TX5_KYQff1jZvkUvh0MAEr67Q0YsEiAXqmJ2nQ5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf4wbkJqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQzv0b0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJdWh0dHBzOi8vd3d3LmdpZXNzd2Vpbi5jb20_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1jcGMmdXRtX2NhbXBhaWduPVBtYXhfREUtQUxMJmFkZ3JvdXBpZD0mdXRtX2NvbnRlbnQ9JnV0bV90ZXJtPYAKAcgLAbgT5APYEwvQFQGYFgGAFwGyFxwKGggAEhRwdWItNjI5MzQ0NDI4MjY2MTI4MxgA&sigh=wOPKydL0d-Q&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwDICaaNK7ZaBbVMq-o0NnTc8MCdXxK5HUISVRgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226273178299516802693%22,%22debug_reporting%22:true,%22destination%22:%22https://giesswein.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221053925104%22],%224%22:[%2209-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211941562349613577505%22}&andc=true

Request Chain 64

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 66

https://googleads.g.doubleclick.net/pagead/adview?ai=CAoxCkjwRZZ-qGp-m78EPwsuO8A3U1aeBc6mZ2L2BEv2B5LbrAhABINXzlBxglfrwgYwHoAHKv92cKsgBAagDAcgDywSqBO4CT9B4v22N6tuZh4OAVry-jkzizxsNSAhtS80EBpTq1_joLvDEXQn9mCKJgIcFdh7GQfUujDWDX61QrxdYwPfiypkPQrWEmHOYNStR4AfO50ZdUDNieOI5D5EM5Pb5d1l4aR4V5aErrFHb9gjMZK3ojLDFJKauaNA5srbddl-T-GbJHfa4zaQY9crUK-18fobNSX6MVYUGCehC0W-36s6v8mxGMHvxvFH10EqlBGAqLyNjPPfwIEgGiN6flAs8lJGiabnJ4B4dKU5TMrYdWCXQ7kugJMhcPX2FAt7RCsdQrormWDWSxHosgNFpZL8N8L8BcVbNwVwn2oIv1nqB4Wq-yBAFhoy4GoiCnPt0M2UqfjIKNVbCVXg0I6JuJC_BZhNzHgSoPnTFs7FqvdCiBeCEOHt08J3DO-RvZW-ZX0qeH5UVfrT3Dw0qye0ll0i0RZ5H8IxfVNOODMc3ddhJbzUQEgRhez3JwxDgc3_rfhLDwAT7uuvgvASIBfznjMpMkgUECAQYAZIFBAgFGASAB8r3rfwEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQnr4k0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJ5AFodHRwczovL3RvcHByaXplZm9yeW91YW5kbWUub25saW5lL3Fka0tGMlRmP3V0bV90ZXJtPSZnY2xpZD17Z2NsaWR9JnV0bV9jcmVhdGl2ZT02NzQxMTU2ODEzMDQmdXRtX2NhbXBhaWduPWQmdXRtX3Bvc2l0aW9uPSZ1dG1fbmV0d29yaz0yMDU1NjQ5MzgyMCZ1dG1fdGFyZ2V0PSZ1dG1fcGxhY2VtZW50PXJhdGUuZWUmdXRtX21hdGNoPSZpZEFXPXtJRH0mUFY9e0lEfSZWST17SUR9JmlkQ29uPXtJRH2ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNjI5MzQ0NDI4MjY2MTI4MxgA&sigh=i04NnrAztRo&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwDICaaNzoE-Fckkxpa9qMjaXPRzXe9J8bEhUBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227774183008509145905%22,%22debug_reporting%22:true,%22destination%22:%22https://topprizeforyouandme.online%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211334541258%22],%224%22:[%2209-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213423065737176245873%22}&andc=true

Request Chain 130

https://googleads.g.doubleclick.net/pagead/adview?ai=C2AMzkjwRZYPwGY2z6wTe3pnYBbLsv9Jvy4rTtNgR3NkeEAEg1fOUHGCV-vCBjAegAdHyisIDyAEJqQJhMUYfcd-xPqgDAcgDywSqBPgCT9ArAC8bXlunekBW73vtK0CugcJZWpzY1UqjjQEgUGoIOIS9O9QiT2qj23uqfEbXxfvhq4ngPjT3mQldgZjQ-_Cw9nsdzZi7ZcKUc4rZroWPM2bUOm1OmUCslYiIvtucttJ-Hh3DmspUyIQVDQOAqHueCPCnEuPIiGSVPysLHue6yRYuJizirlB4XNoHgpMItEDxHbAQo8uAqsyNN2__TxtHGNJOqMj7_rA_PVlpIgYH6O5hyaT46VCos5SJSfuW6vsx4aKx9IpM6cEJXBueLS4kHTgOCgrbS9lfpdQfVcxcaksrEMmdsPuue9OYMJZBxmOYgwY4Rld4VpdyYpMWPkQJHvsgkU17IIOarO9wqgp7dH-F15j4ekujd6PJaE-95Z3Y5fd7R-jUd_sUTrlRGUjB3d4t3vF-JHOZgoU16HPQY0zjNagjly6Wvybl5u042XQXby6XrqzXZ8GZ2vZ1HpghgS3lqEc7Tb7pWlBHaIVJeRuaROSFyMAE1dKJ7bQEiAWN0_j7LJIFBAgEGAGSBQQIBRgEoAYugAeXjfU9qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQg5AN0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJKGh0dHBzOi8vd3d3LnNlbmlvcmVuLWRhdGluZy13ZWJzaXRlcy5kZS-ACgHICwHYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNjI5MzQ0NDI4MjY2MTI4MxgA&sigh=e9_muW4dKHQ&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwDICaaNzrdkxphDNrUqFPZBFzWKeTcLXFldhxgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225238153908093075732%22,%22debug_reporting%22:true,%22destination%22:%22https://senioren-dating-websites.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22943896913%22],%224%22:[%2209-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222570970716887676209%22}&andc=true

Request Chain 131

https://googleads.g.doubleclick.net/pagead/adview?ai=C-uPhkjwRZYHwGY2z6wTe3pnYBbLsv9Jvy4rTtNgR3NkeEAEg1fOUHGCV-vCBjAegAdHyisIDyAEJqQJhMUYfcd-xPqgDAcgDywSqBPcCT9DsdYF93QS9EPkRYlRfnR8jHqe0CC4GeWYDSD8IqBvA9B2qAY-X6oWN53fujh-gGii15BCIj-sTuxNBDFteUKu32G-acIdV-gW_8ipcXtJJPHFy_Ys8XlRIMHMpipmxjMwxqirOxxxLKkQ3nFnBK7XZCZGbWWFV3NUWwevOwolf2xvk_-0Dz8Vs6A9ehTj8XkiF_qFsQgXOimNUXay85FgB4dKtAo_Dsab-JCfWGxx_GIcNFQCiiLV9lEDckHwn7YUFUuWZVIl_zugwkKPqzwakuRWI3LYi0UDRqmbA21hf5-q6oqBy14qKB6yGpCTL7plY4SSm4SULRF9OiRceph9pBPoauhn9zEUUp6a02AbHS3vz_5oRXXJdwn2wxsKQ5QHOWacIz0ORS3lKeqjAnPugXdyAaLgDtzGOgHJJcoNknUykmvFOl2-yMewOfHyiz3216RYU3u0BJtWIS0J41d0CuVEy_FB4tgrVpoTX_-ZTrSVA89X2wATV0onttASIBY3T-PsskgUECAQYAZIFBAgFGASgBi6AB5eN9T2oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCI0xLSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkoaHR0cHM6Ly93d3cuc2VuaW9yZW4tZGF0aW5nLXdlYnNpdGVzLmRlL4AKAcgLAbgT5APYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNjI5MzQ0NDI4MjY2MTI4MxgA&sigh=IHut8ixGO8Y&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwDICaaNzrdkxphDNrUqFPZBFzWKeTcLXFldhxgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211751763075847476528%22,%22debug_reporting%22:true,%22destination%22:%22https://senioren-dating-websites.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22943896913%22],%224%22:[%2209-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216916424571474140065%22}&andc=true

Request Chain 134

https://googleads.g.doubleclick.net/pagead/adview?ai=C7YZRkjwRZYLwGY2z6wTe3pnYBdTVp4FzqZnYvYES_YHktusCEAEg1fOUHGCV-vCBjAegAcq_3ZwqyAEJqAMByAPLBKoE7wJP0IsuEy5eFPmQ8HaZNh03bPz7CvV6Q1Rk7xKcIpJH7brgmot294aLOc_yzQkT-rj0QQ6hDMzJ_x8kqMuhcM7Y6lV5nhidWqTtk1OV1LKxxxl2pAZNth_1eWHIsZJ_oJoBHuZDKowS-IvAXDdZEpwaiaVHNCkAikqXaS9jCrt6XKiMgGGT5HkGfjvevaFxyga6h51aZ0pHPDGs6bUMoLnOBbNQAscJoexDxn0Gj52m8Qawro3tneTbatDLWLuFotDVk3bq7CK4JRtbYpRAuj_TMgjUXJMdvjzHQfFQX82gayBykmmhqoAuA9W2IPEPy8En7-ywLdKCrUNYtKQXfAEfDPdfAyrwRb4XqxjmQ1d9OH4XNZpLbDvVjM-4PmGWI79PcWapc6ShQ504hs0jlQTg2n91Klsz7iL06Hc1jEnhmniAe-0Y8_rmgI5guu-QxmIX8Zls00pSoWTGpVSNWKTvS69xbyw_c4s_vv8iePb_wAT7uuvgvASIBfznjMpMkgUECAQYAZIFBAgFGASgBi6AB8r3rfwEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQuuNt0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJ5AFodHRwczovL3RvcHByaXplZm9yeW91YW5kbWUub25saW5lL3Fka0tGMlRmP3V0bV90ZXJtPSZnY2xpZD17Z2NsaWR9JnV0bV9jcmVhdGl2ZT02NzQxMTU2ODEzMDQmdXRtX2NhbXBhaWduPWQmdXRtX3Bvc2l0aW9uPSZ1dG1fbmV0d29yaz0yMDU1NjQ5MzgyMCZ1dG1fdGFyZ2V0PSZ1dG1fcGxhY2VtZW50PXJhdGUuZWUmdXRtX21hdGNoPSZpZEFXPXtJRH0mUFY9e0lEfSZWST17SUR9JmlkQ29uPXtJRH2ACgHICwG4E-QD2BMN0BUBgBcBshccChoIABIUcHViLTYyOTM0NDQyODI2NjEyODMYAA&sigh=zjWRM1WZpng&uach_m=[UACH]&ase=2&nis=4&cid=CAQSGwDICaaNzrdkxphDNrUqFPZBFzWKeTcLXFldhxgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226710934455497097331%22,%22debug_reporting%22:true,%22destination%22:%22https://topprizeforyouandme.online%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211334541258%22],%224%22:[%2209-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222585091395399244881%22}&andc=true

134 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request guess Show response
rate.ee/guessme/
Redirect Chain

https://rate.ee/l/f9aa724959/231024/2289929/guessme::guess:::game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM%3D&hash=54800&mst=3ec--2289929--gsm
https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm

27 KB
7 KB

96ms
96ms

Document
text/html

212.7.8.176
Infonet

General

Check archive.org

Show headers Download Go to

Full URL: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.7.8.176 , Estonia, ASN8728 (Infonet, EE),
Reverse DNS
Software: nginx/1.22.0 / Flirtic-Team/1.0
Resource Hash: e4319b5971af5634caab019d294577446af26d180e810cbd2f92fe932a4d6f2f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 25 Sep 2023 07:53:53 GMT
Keep-Alive: timeout=45
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server: nginx/1.22.0
Transfer-Encoding: chunked
X-Powered-By: Flirtic-Team/1.0
X-Upstream: 10.8.2.27:80

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Mon, 25 Sep 2023 07:53:53 GMT
Keep-Alive: timeout=45
Location: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server: nginx/1.22.0
Transfer-Encoding: chunked
X-Powered-By: Flirtic-Team/1.0
X-Upstream: 10.8.2.27:80

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
68 KB 51ms
21ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-130487518-7

Requested by

Host: rate.ee
URL: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa123f594bff50c613493e8066f45a6e7d7bfc65680e56bc84d68ea77e0b4876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:53:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68909
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Sep 2023 07:53:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 109ms
79ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: rate.ee
URL: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9d11da85968a6a4b33c7497f2ca42db7f86812efb66ee6f309d58d1c559ce1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:53:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50631
x-xss-protection: 0
server: cafe
etag: 4403849633385048398
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 07:53:53 GMT

GET
H/1.1 200
OK bundle-2023.05.04.4.css
rate.ee/media/cached_data/ 670 KB
120 KB 72ms
72ms Stylesheet
text/css 212.7.8.176
Infonet

General

Check archive.org

Show headers Download Go to

Full URL: https://rate.ee/media/cached_data/bundle-2023.05.04.4.css
Requested by: Host: rate.ee
URL: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.7.8.176 , Estonia, ASN8728 (Infonet, EE),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: bdfaa4dc355826fce3573aea13b241ce82481a0196f7686eff1f2c93a504bb89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 07:53:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Sep 2023 06:56:42 GMT
Server: nginx/1.22.0
ETag: W/"6509462a-a7989"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=45
Expires: Mon, 02 Oct 2023 07:53:53 GMT

GET
H/1.1 200
OK i18n.js Show response
rate.ee/assets/ 298 B
681 B 48ms
48ms Script
text/javascript 212.7.8.176
Infonet

General

Check archive.org

Show headers Download Go to

Full URL: https://rate.ee/assets/i18n.js?v=2023.05.04.4
Requested by: Host: rate.ee
URL: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.7.8.176 , Estonia, ASN8728 (Infonet, EE),
Reverse DNS
Software: nginx/1.22.0 / Flirtic-Team/1.0
Resource Hash: 80ac918a1d2f34fe675770b2d9791cda6b869612413aa1f3aadf1f25de5f3c0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 07:53:54 GMT
Server: nginx/1.22.0
X-Powered-By: Flirtic-Team/1.0
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: text/javascript;charset=utf-8
X-Upstream: 10.8.2.27:80
Cache-control: public, max-age=86400
Connection: keep-alive
Keep-Alive: timeout=45

GET
H/1.1 200
OK bundle-2023.05.04.4.js Show response
rate.ee/media/cached_data/ 767 KB
246 KB 97ms
97ms Script
application/x-javascript 212.7.8.176
Infonet

General

Check archive.org

Show headers Download Go to

Full URL: https://rate.ee/media/cached_data/bundle-2023.05.04.4.js
Requested by: Host: rate.ee
URL: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.7.8.176 , Estonia, ASN8728 (Infonet, EE),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: 2452bb58933ccc070d7cb8888c176e69d938257f5d41eed0bb5e1f977c8afe9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 07:53:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Sep 2023 06:56:42 GMT
Server: nginx/1.22.0
ETag: W/"6509462a-bfb35"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=45
Expires: Mon, 02 Oct 2023 07:53:53 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 203 KB
45 KB 35ms
7ms Script
text/javascript 13.32.99.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: rate.ee
URL: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.51 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-51.fra60.r.cloudfront.net

Software

Resource Hash

4be2e4cc6c402759c5835e32ab13cbb8bffd2f5dfd5fd269667c6b91ed10e875

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:49:08 GMT
content-encoding: gzip
via: 1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 286
etag: W/"32bd5-yv+UNe3R/RtaAi3tpXP1SOqodAw"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: FayikQr9DwSw1O41bpBEmepOtkAmQFnxmVElOlWjfA3nBhP-lnaNaQ==

GET
H/1.1 200
OK nophoto_m_3.jpg
rate.ee/media/img/ 1 KB
1 KB 37ms
35ms Image
image/jpeg 212.7.8.176
Infonet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rate.ee/media/img/nophoto_m_3.jpg
Requested by: Host: rate.ee
URL: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.7.8.176 , Estonia, ASN8728 (Infonet, EE),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: 08e8045d61b260e4d09c6912fe94449fe11e7ff90229c6ebf3252bd1042d58e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 07:53:54 GMT
Last-Modified: Fri, 15 Apr 2022 15:12:07 GMT
Server: nginx/1.22.0
ETag: "62598b47-47e"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=45
Content-Length: 1150
Expires: Mon, 02 Oct 2023 07:53:54 GMT

GET
H/1.1 200
OK uudis.svg
www.flirtic.ee/media/img/ 1 KB
2 KB 225ms
43ms Image
image/svg+xml 2001:1b28:4::8:176
Infonet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.flirtic.ee/media/img/uudis.svg
Requested by: Host: rate.ee
URL: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:1b28:4::8:176 , Estonia, ASN8728 (Infonet, EE),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: 7f11be23b6de686f4dfb0717c7fc99da7d848c490afd22898c96bd4a74429e1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 07:53:54 GMT
Last-Modified: Fri, 15 Apr 2022 15:12:08 GMT
Server: nginx/1.22.0
ETag: "62598b48-5fe"
Content-Type: image/svg+xml
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=45
Content-Length: 1534
Expires: Mon, 02 Oct 2023 07:53:54 GMT

GET
H2

200

checkout.min.js Show response
static.cc.maksekeskus.ee/checkout/dist/
Redirect Chain

https://payment.maksekeskus.ee/checkout/dist/checkout.min.js
https://static.cc.maksekeskus.ee/checkout/dist/checkout.min.js

12 KB
13 KB

45ms
9ms

Script
application/javascript

143.204.215.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cc.maksekeskus.ee/checkout/dist/checkout.min.js
Requested by: Host: rate.ee
URL: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm
Protocol: H2
Server: 143.204.215.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-54.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e19ada6bef2ac3d4e7a3c28001b3075c32e31ccc3232d1edd23cbeaac309be82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id: VYwjZ6rvFEScOFQQWGXL_MEk.RBo8_lJ
date: Mon, 25 Sep 2023 07:31:29 GMT
via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
last-modified: Tue, 19 Sep 2023 05:15:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1374
x-amz-server-side-encryption: AES256
etag: "c00a2bcdbe11b09563318a2925d629b3"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 12713
x-amz-cf-id: 3LFphKiJyvZ2VqiJbctvtJDCfINgeE681bzGrshoXltzDw9U4GzFQQ==

Redirect headers

date: Mon, 25 Sep 2023 07:53:54 GMT
content-security-policy: default-src 'self'; img-src 'self' https://static.maksekeskus.ee https://static.maksekeskus.ee https://www.google-analytics.com https://*.typekit.net https://static.maksekeskus.ee https://static.cc.maksekeskus.ee data: 'self'; script-src 'self' 'unsafe-inline' https://www.google-analytics.com https://*.typekit.net https://static.maksekeskus.ee https://static.cc.maksekeskus.ee data: 'self'; style-src 'self' 'unsafe-inline' https://static.maksekeskus.ee; frame-src 'self' https://cc.maksekeskus.ee ; frame-ancestors 'none'; connect-src 'self' https://api.maksekeskus.ee https://payment.maksekeskus.ee https://www.googleapis.com https://graph.facebook.com https://*.typekit.net https://www.google-analytics.com; font-src 'self' https://*.typekit.net https://static.maksekeskus.ee; report-uri https://payment.maksekeskus.ee/pci
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
content-language: en
location: https://static.cc.maksekeskus.ee/checkout/dist/checkout.min.js
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block; report=https://payment.maksekeskus.ee/pci

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
79 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QM6LE11PBL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-130487518-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

97cb891e93d88c362cca2c8612c3760d3922c494b6e872e7456f8a720c82d8cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:53:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81203
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Sep 2023 07:53:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-130487518-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 25 Sep 2023 07:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 573
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 25 Sep 2023 09:44:21 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 379 KB
129 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6293444282661283&plah=rate.ee

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a265f395b7a66645cf32f80a4d71c34199485e2fef9325c345705c74301f2907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:53:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131562
x-xss-protection: 0
server: cafe
etag: 3493247977594864007
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 07:53:54 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/ Frame B793 10 KB
5 KB 28ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rate.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 71340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 12:04:54 GMT
etag: 2603938475786422795
expires: Sun, 08 Oct 2023 12:04:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 24ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: rate.ee
URL: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9cd6abaaf1c1ee1a625e52217a7ed9ffb915bd8ec0fbbd24116c38ae0b5b5948

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 25 Sep 2023 07:53:54 GMT
content-md5: TgeSxT2UQAqS2YeraGQvRg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-debug: TwOmjIQKN8FkedDJ9xAs4+w0UXtr5ejHwyi01uvX+NdNRvftxb4/dc/Pw+oy7bClUhfX2ks6TWFoEZuXqsHvzA==
x-fb-content-md5: fa189733adf0ac197bfa82331e45568e
cross-origin-opener-policy: same-origin-allow-popups
etag: "e3d1ddd4a559b91e35300cfc339df053"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 25 Sep 2023 08:08:48 GMT

GET
H/1.1 200
OK nav1a.svg
rate.ee/media/css/images/ 870 B
1 KB 33ms
32ms Image
image/svg+xml 212.7.8.176
Infonet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rate.ee/media/css/images/nav1a.svg
Requested by: Host: rate.ee
URL: https://rate.ee/media/cached_data/bundle-2023.05.04.4.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.7.8.176 , Estonia, ASN8728 (Infonet, EE),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: f260739e4241db0d9fe2a3a8fd4f64b9c73ae245a97e29c3c2806302d46178ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/media/cached_data/bundle-2023.05.04.4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 07:53:54 GMT
Last-Modified: Fri, 15 Apr 2022 15:12:07 GMT
Server: nginx/1.22.0
ETag: "62598b47-366"
Content-Type: image/svg+xml
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=45
Content-Length: 870
Expires: Mon, 02 Oct 2023 07:53:54 GMT

GET
H/1.1 200
OK nav2a.svg
rate.ee/media/css/images/ 900 B
1 KB 121ms
40ms Image
image/svg+xml 2001:1b28:4::8:176
Infonet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rate.ee/media/css/images/nav2a.svg
Requested by: Host: rate.ee
URL: https://rate.ee/media/cached_data/bundle-2023.05.04.4.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:1b28:4::8:176 , Estonia, ASN8728 (Infonet, EE),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: fae84ceadbdf91e9803710b57915d93055d842e1e78acf12f01853eba4c6cfc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/media/cached_data/bundle-2023.05.04.4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 07:53:54 GMT
Last-Modified: Fri, 15 Apr 2022 15:12:07 GMT
Server: nginx/1.22.0
ETag: "62598b47-384"
Content-Type: image/svg+xml
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=45
Content-Length: 900
Expires: Mon, 02 Oct 2023 07:53:54 GMT

GET
H/1.1 200
OK trending.svg
rate.ee/media/img/ 1 KB
2 KB 125ms
44ms Image
image/svg+xml 2001:1b28:4::8:176
Infonet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rate.ee/media/img/trending.svg
Requested by: Host: rate.ee
URL: https://rate.ee/media/cached_data/bundle-2023.05.04.4.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:1b28:4::8:176 , Estonia, ASN8728 (Infonet, EE),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: 9800fff2cb9ae9bb0b674ddc1992527b957e9be7a0d89ff50c7798aade899e73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/media/cached_data/bundle-2023.05.04.4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 07:53:54 GMT
Last-Modified: Fri, 15 Apr 2022 15:12:08 GMT
Server: nginx/1.22.0
ETag: "62598b48-5ea"
Content-Type: image/svg+xml
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=45
Content-Length: 1514
Expires: Mon, 02 Oct 2023 07:53:54 GMT

GET
H/1.1 200
OK nav3.svg
rate.ee/media/css/images/ 1 KB
1 KB 122ms
42ms Image
image/svg+xml 2001:1b28:4::8:176
Infonet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rate.ee/media/css/images/nav3.svg
Requested by: Host: rate.ee
URL: https://rate.ee/media/cached_data/bundle-2023.05.04.4.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:1b28:4::8:176 , Estonia, ASN8728 (Infonet, EE),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: a9c59ae4bf5ea442ce8e6b38355ce5a205fb365395d99002ac7f95d0ee512f17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/media/cached_data/bundle-2023.05.04.4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 07:53:54 GMT
Last-Modified: Fri, 15 Apr 2022 15:12:07 GMT
Server: nginx/1.22.0
ETag: "62598b47-4a3"
Content-Type: image/svg+xml
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=45
Content-Length: 1187
Expires: Mon, 02 Oct 2023 07:53:54 GMT

GET
H/1.1 200
OK dropdown-w.svg
rate.ee/media/css/images/ 1014 B
1 KB 91ms
33ms Image
image/svg+xml 212.7.8.176
Infonet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rate.ee/media/css/images/dropdown-w.svg
Requested by: Host: rate.ee
URL: https://rate.ee/media/cached_data/bundle-2023.05.04.4.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.7.8.176 , Estonia, ASN8728 (Infonet, EE),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: 5657f186f6109246cdadd0a78c111f943df17d1579d86d1e279a107f1cb8761c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/media/cached_data/bundle-2023.05.04.4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 07:53:54 GMT
Last-Modified: Fri, 15 Apr 2022 15:12:07 GMT
Server: nginx/1.22.0
ETag: "62598b47-3f6"
Content-Type: image/svg+xml
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=45
Content-Length: 1014
Expires: Mon, 02 Oct 2023 07:53:54 GMT

GET
H/1.1 200
OK fa-duotone-900-pro-5.0.11.woff2
rate.ee/media/fonts/fontawesome-5.1.10/ 4 KB
5 KB 54ms
33ms Font
text/html 212.7.8.176
Infonet

General

Check archive.org

Show headers Download Go to

Full URL: https://rate.ee/media/fonts/fontawesome-5.1.10/fa-duotone-900-pro-5.0.11.woff2
Requested by: Host: rate.ee
URL: https://rate.ee/media/cached_data/bundle-2023.05.04.4.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.7.8.176 , Estonia, ASN8728 (Infonet, EE),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: de4b4fdf8c32bbfd89070607570f9260398a51b4f9f944c74eb499d9a443ad8f

Request headers

Referer: https://rate.ee/media/cached_data/bundle-2023.05.04.4.css
Origin: https://rate.ee
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 07:53:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Apr 2022 15:12:07 GMT
Server: nginx/1.22.0
ETag: W/"62598b47-114c"
Transfer-Encoding: chunked
Content-Type: text/html
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=45
Expires: Mon, 02 Oct 2023 07:53:54 GMT

GET
H/1.1 200
OK fa-duotone-900-pro-5.0.13.woff2
rate.ee/media/fonts/fontawesome-5.1.10/ 9 KB
9 KB 46ms
33ms Font
text/html 212.7.8.176
Infonet

General

Check archive.org

Show headers Download Go to

Full URL: https://rate.ee/media/fonts/fontawesome-5.1.10/fa-duotone-900-pro-5.0.13.woff2
Requested by: Host: rate.ee
URL: https://rate.ee/media/cached_data/bundle-2023.05.04.4.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.7.8.176 , Estonia, ASN8728 (Infonet, EE),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: ba429a23792effaeb138507bdd0df6278e1b83698cbec57abe90778bd36d4489

Request headers

Referer: https://rate.ee/media/cached_data/bundle-2023.05.04.4.css
Origin: https://rate.ee
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 07:53:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Apr 2022 15:12:07 GMT
Server: nginx/1.22.0
ETag: W/"62598b47-22ec"
Transfer-Encoding: chunked
Content-Type: text/html
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=45
Expires: Mon, 02 Oct 2023 07:53:54 GMT

GET
H/1.1 200
OK dropdown-b.svg
rate.ee/media/css/images/ 837 B
1 KB 59ms
43ms Image
image/svg+xml 2001:1b28:4::8:176
Infonet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rate.ee/media/css/images/dropdown-b.svg
Requested by: Host: rate.ee
URL: https://rate.ee/media/cached_data/bundle-2023.05.04.4.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:1b28:4::8:176 , Estonia, ASN8728 (Infonet, EE),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: 3d18b05b2339f15427184f128a119e379f43dde095fede11b03e1a9fe4ee74f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/media/cached_data/bundle-2023.05.04.4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 07:53:54 GMT
Last-Modified: Fri, 15 Apr 2022 15:12:07 GMT
Server: nginx/1.22.0
ETag: "62598b47-345"
Content-Type: image/svg+xml
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=45
Content-Length: 837
Expires: Mon, 02 Oct 2023 07:53:54 GMT

GET
H/1.1 200
OK fa-solid-900-free-5.0.0.woff2
rate.ee/media/fonts/fontawesome-5.1.10/ 22 KB
23 KB 50ms
35ms Font
text/html 212.7.8.176
Infonet

General

Check archive.org

Show headers Download Go to

Full URL: https://rate.ee/media/fonts/fontawesome-5.1.10/fa-solid-900-free-5.0.0.woff2
Requested by: Host: rate.ee
URL: https://rate.ee/media/cached_data/bundle-2023.05.04.4.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.7.8.176 , Estonia, ASN8728 (Infonet, EE),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: f45795e6d30a8ad5860c64ac1f02481e9e0c322b73834ff744273cdb86b7a574

Request headers

Referer: https://rate.ee/media/cached_data/bundle-2023.05.04.4.css
Origin: https://rate.ee
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 07:53:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Apr 2022 15:12:07 GMT
Server: nginx/1.22.0
ETag: W/"62598b47-58ec"
Transfer-Encoding: chunked
Content-Type: text/html
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=45
Expires: Mon, 02 Oct 2023 07:53:54 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
239 B 38ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QM6LE11PBL&gtm=45je39k2&_p=2131311476&_gaz=1&cid=50141772.1695628434&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1695628434&sct=1&seg=0&dl=https%3A%2F%2Frate.ee%2Fguessme%2Fguess%3Fgame_id%3D475518161%26str%3DMTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM%3D%26hash%3D54800%26mst%3D3ec--2289929--gsm&dt=M%C3%A4ng%20%22Vali%20mind%22%20%3A%3A%20Rate.ee&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QM6LE11PBL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 07:53:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rate.ee
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 61ms
19ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QM6LE11PBL&cid=50141772.1695628434&gtm=45je39k2&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QM6LE11PBL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 07:53:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rate.ee
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 62ms
35ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QM6LE11PBL&cid=50141772.1695628434&gtm=45je39k2&aip=1&z=1828593186

Requested by

Host: rate.ee
URL: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 07:53:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
201 B 15ms
14ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2131311476&t=pageview&_s=1&dl=https%3A%2F%2Frate.ee%2Fguessme%2Fguess%3Fgame_id%3D475518161%26str%3DMTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM%3D%26hash%3D54800%26mst%3D3ec--2289929--gsm&ul=en-us&de=UTF-8&dt=M%C3%A4ng%20%22Vali%20mind%22%20%3A%3A%20Rate.ee&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1276131260&gjid=186458483&cid=50141772.1695628434&tid=UA-130487518-7&_gid=1923906550.1695628434&_r=1&gtm=457e39k2&jsscut=1&z=2063783669

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rate.ee/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 07:53:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rate.ee
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 299 KB
85 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=edb3e7b3fe2cba6e52d066da182493b3

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

89dd38c767a799ac37b41ba6634f59b46462b8e7cbfb0945ea731159aee625bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://rate.ee/
Origin: https://rate.ee
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 25 Sep 2023 07:53:54 GMT
content-md5: SPZ8hrADWctw6/RgesVMHA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86666
x-fb-debug: CoIaKZhFo4vmzbPUyENDoDgJpH4DxkDfNQc4D3gqenHSislhAraNLDZccNlkCgPbpjYJp2235FeNOTlFEfrGtQ==
x-fb-content-md5: eaef2d0fa42d8dc66d998a14bb21e50c
cross-origin-opener-policy: same-origin-allow-popups
etag: "484358e52e46bf958fc439fa864e9a91"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 24 Sep 2024 07:13:39 GMT

GET
H2 200 5d15ddde5b5c0700129fbb0d.js Show response
buttons-config.sharethis.com/js/ 734 B
1 KB 55ms
8ms Script
text/javascript 2600:9000:206f:d400:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/5d15ddde5b5c0700129fbb0d.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:d400:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0decbf4cc48bc52acb9a581053da101786c6ebf5db4f32442746809e9ed9e4d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:53:24 GMT
via: 1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C1
age: 34
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 734
last-modified: Tue, 02 Jun 2020 19:59:06 GMT
server: AmazonS3
etag: "6690f734fad8c4a7260b8697e96a1a4c"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
x-amz-cf-id: jPQUDrm0cnL3BSmO_COSsbipJzaLyevTRKYFG_K1Sr5ECLZZtycIeg==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
394 B 1134ms
1098ms XHR
text/plain 3.120.109.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=rate.ee&location=%2Fguessme%2Fguess&product=inline-share-buttons&url=https%3A%2F%2Frate.ee%2Fguessme%2Fguess%3Fgame_id%3D475518161%26str%3DMTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM%3D%26hash%3D54800%26mst%3D3ec--2289929--gsm&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=M%C3%A4ng%20%22Vali%20mind%22%20%3A%3A%20Rate.ee&cms=unknown&publisher=5d15ddde5b5c0700129fbb0d&sop=true&version=st_sop.js&lang=en&ua=&ua_mobile=false&ua_full_version_list=

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.120.109.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-109-48.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 07:53:55 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://rate.ee
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
343 B 34ms
18ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-130487518-7&cid=50141772.1695628434&jid=1276131260&gjid=186458483&_gid=1923906550.1695628434&_u=YADAAUAAAAAAACAAI~&z=332106921

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rate.ee/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 25 Sep 2023 07:53:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rate.ee
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 40ms
18ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-130487518-7&cid=50141772.1695628434&jid=1276131260&_u=YADAAUAAAAAAACAAI~&z=2020123585

Requested by

Host: rate.ee
URL: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 07:53:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 33ms
33ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-130487518-7&cid=50141772.1695628434&jid=1276131260&_u=YADAAUAAAAAAACAAI~&z=2020123585

Requested by

Host: rate.ee
URL: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 07:53:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 381 B
597 B 51ms
15ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=rate.ee&callback=_gfp_s_&client=ca-pub-6293444282661283

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6293444282661283&plah=rate.ee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

042f342e4594a3cf31c667b3170b1d817e0cb2000ab5a0e3b480630d42d1b786

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 245
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DCAB 647 KB
110 KB 2656ms
2655ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6293444282661283&output=html&adk=1812271804&adf=3025194257&lmt=1695621234&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Frate.ee%2Fguessme%2Fguess%3Fgame_id%3D475518161%26str%3DMTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM%3D%26hash%3D54800%26mst%3D3ec--2289929--gsm&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695628433952&bpp=157&bdt=144&idt=410&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5043394336544&frm=20&pv=2&ga_vid=50141772.1695628434&ga_sid=1695628434&ga_hid=2131311476&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44795921&oid=2&pvsid=578727401975580&tmod=209745583&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=433

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

654ca62a44d606c34109f83319908294241c2e257894ee81457f80bb2d7607e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rate.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 111986
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 07:53:57 GMT
expires: Mon, 25 Sep 2023 07:53:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-expand%20fixed-top%20navbar-light%20bg-faded&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: rate.ee
URL: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 07:53:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 00BE 118 KB
39 KB 1075ms
1074ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6293444282661283&output=html&h=90&slotname=6088921234&adk=234467127&adf=2725398064&pi=t.ma~as.6088921234&w=728&lmt=1695621234&format=728x90&url=https%3A%2F%2Frate.ee%2Fguessme%2Fguess%3Fgame_id%3D475518161%26str%3DMTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM%3D%26hash%3D54800%26mst%3D3ec--2289929--gsm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695628434111&bpp=12&bdt=304&idt=279&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5043394336544&frm=20&pv=1&ga_vid=50141772.1695628434&ga_sid=1695628434&ga_hid=2131311476&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=356&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44795921&oid=2&pvsid=578727401975580&tmod=209745583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rW6tuXT9IL&p=https%3A//rate.ee&dtd=285

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af2c6e1ba1bc410b517a346da7dad3f1d9e5a165842b2b14b86f92b139b6a6e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rate.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40070
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 07:53:55 GMT
expires: Mon, 25 Sep 2023 07:53:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 69E8 111 KB
38 KB 913ms
913ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6293444282661283&output=html&h=600&slotname=2047999216&adk=1610738455&adf=2555147040&pi=t.ma~as.2047999216&w=120&lmt=1695621234&format=120x600&url=https%3A%2F%2Frate.ee%2Fguessme%2Fguess%3Fgame_id%3D475518161%26str%3DMTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM%3D%26hash%3D54800%26mst%3D3ec--2289929--gsm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695628434132&bpp=13&bdt=325&idt=269&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5043394336544&frm=20&pv=1&ga_vid=50141772.1695628434&ga_sid=1695628434&ga_hid=2131311476&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1172&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44795921&oid=2&pvsid=578727401975580&tmod=209745583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=4FQTZ5zDPo&p=https%3A//rate.ee&dtd=271

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cbe189871c0b11e6ef8a51e8dae64ee05a227a1c32bc0c2cba637c75d686a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rate.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38989
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 07:53:55 GMT
expires: Mon, 25 Sep 2023 07:53:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 69E8 6 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6293444282661283&output=html&h=600&slotname=2047999216&adk=1610738455&adf=2555147040&pi=t.ma~as.2047999216&w=120&lmt=1695621234&format=120x600&url=https%3A%2F%2Frate.ee%2Fguessme%2Fguess%3Fgame_id%3D475518161%26str%3DMTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM%3D%26hash%3D54800%26mst%3D3ec--2289929--gsm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695628434132&bpp=13&bdt=325&idt=269&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5043394336544&frm=20&pv=1&ga_vid=50141772.1695628434&ga_sid=1695628434&ga_hid=2131311476&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1172&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44795921&oid=2&pvsid=578727401975580&tmod=209745583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=4FQTZ5zDPo&p=https%3A//rate.ee&dtd=271

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Sep 2023 07:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 06:19:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Sep 2023 07:53:55 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 69E8 2 KB
945 B 36ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame 69E8 23 KB
9 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 69E8 3 KB
1 KB 27ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 69E8 20 KB
8 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 69E8 182 KB
57 KB 50ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 07:53:55 GMT

GET
H2 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 69E8 36 KB
15 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 09:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:37:14 GMT

GET
H2 200 11038018541088269663
tpc.googlesyndication.com/simgad/ Frame 69E8 7 KB
7 KB 33ms
15ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11038018541088269663?w=200&h=200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c91937ef5551f1687d7f382dd49bcc61f1ab259427e81196e3117c25445217

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 07:57:12 GMT
x-content-type-options: nosniff
age: 86203
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6741
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 22:34:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 23 Sep 2024 07:57:12 GMT

GET
H2 200 15347574153479192534
tpc.googlesyndication.com/simgad/ Frame 69E8 2 KB
2 KB 33ms
14ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15347574153479192534?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

655b0939c72bf138f8db55b3441275af66c6fea10cc02d5d192f00863a988b24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 07:47:34 GMT
x-content-type-options: nosniff
age: 259581
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1866
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 13:45:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 21 Sep 2024 07:47:34 GMT

GET
DATA 200
OK truncated
/ Frame 69E8 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 69E8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d44be5b725c4120d3833a4389d5e430a19cec58bb5195156432a9ee3cabb59b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 69E8 15 KB
16 KB 35ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 19:52:03 GMT
x-content-type-options: nosniff
age: 388912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2024 19:52:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 69E8 15 KB
15 KB 35ms
8ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 14:58:03 GMT
x-content-type-options: nosniff
age: 147352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Sep 2024 14:58:03 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 69E8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CkCKnkjwRZfDaGpad78EPzOue-A7c9eaPc9m7_pLJEebm_6ucMhABINXzlBxglfrwgYwHoAHwvcb2A8gBCakCYTFGH3HfsT6oAwHIA8sEqgTxAk_QQIJ2jgVPrTXk_DdSkN-0kCmvcmKw76U...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226273178299516802693%22,%22debug_reporting%22:true,%22destination%22:%22https://giesswein.com%22,%22event_report_window%22:...

0
0

62ms
40ms

Fetch
text/css

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226273178299516802693%22,%22debug_reporting%22:true,%22destination%22:%22https://giesswein.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221053925104%22],%224%22:[%2209-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211941562349613577505%22}&andc=true

Requested by

Host: rate.ee
URL: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:53:55 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"6273178299516802693","debug_reporting":true,"destination":"https://giesswein.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1053925104"],"4":["09-25"],"6":["true"]},"priority":"500","source_event_id":"11941562349613577505"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Sep 2023 07:53:55 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Sep 2023 07:53:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6273178299516802693","debug_reporting":true,"destination":"https://giesswein.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1053925104"],"4":["09-25"],"6":["true"]},"priority":"500","source_event_id":"11941562349613577505"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Show response
pagead2.googlesyndication.com/bg/ Frame D6E7 37 KB
14 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 434071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14709
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 07:19:24 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 00BE 14 KB
1 KB 18ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6293444282661283&output=html&h=90&slotname=6088921234&adk=234467127&adf=2725398064&pi=t.ma~as.6088921234&w=728&lmt=1695621234&format=728x90&url=https%3A%2F%2Frate.ee%2Fguessme%2Fguess%3Fgame_id%3D475518161%26str%3DMTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM%3D%26hash%3D54800%26mst%3D3ec--2289929--gsm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695628434111&bpp=12&bdt=304&idt=279&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5043394336544&frm=20&pv=1&ga_vid=50141772.1695628434&ga_sid=1695628434&ga_hid=2131311476&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=356&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44795921&oid=2&pvsid=578727401975580&tmod=209745583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rW6tuXT9IL&p=https%3A//rate.ee&dtd=285

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Sep 2023 07:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 06:24:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Sep 2023 07:53:55 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 00BE 2 KB
926 B 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame 00BE 23 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 00BE 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 00BE 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 00BE 182 KB
57 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 07:53:55 GMT

GET
H2 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 00BE 36 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 09:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:37:14 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 74ms
42ms Preflight
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Sep 2023 07:53:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2D3D 143 B
166 B 9ms
8ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6293444282661283&output=html&h=90&slotname=6088921234&adk=234467127&adf=2725398064&pi=t.ma~as.6088921234&w=728&lmt=1695621234&format=728x90&url=https%3A%2F%2Frate.ee%2Fguessme%2Fguess%3Fgame_id%3D475518161%26str%3DMTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM%3D%26hash%3D54800%26mst%3D3ec--2289929--gsm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695628434111&bpp=12&bdt=304&idt=279&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5043394336544&frm=20&pv=1&ga_vid=50141772.1695628434&ga_sid=1695628434&ga_hid=2131311476&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=356&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44795921&oid=2&pvsid=578727401975580&tmod=209745583&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rW6tuXT9IL&p=https%3A//rate.ee&dtd=285
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 07:08:18 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 00BE 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 00BE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed1ced68d89f573d2ce5b3495f9b9f51e9838a1ffdd3d3c702b15f1506a421c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2D3D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

18ms
17ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 07:53:55 GMT
expires: Mon, 25 Sep 2023 07:53:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 07:53:55 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 00BE 33 KB
33 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 441567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2024 05:14:28 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 00BE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CAoxCkjwRZZ-qGp-m78EPwsuO8A3U1aeBc6mZ2L2BEv2B5LbrAhABINXzlBxglfrwgYwHoAHKv92cKsgBAagDAcgDywSqBO4CT9B4v22N6tuZh4OAVry-jkzizxsNSAhtS80EBpTq1_joLvD...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227774183008509145905%22,%22debug_reporting%22:true,%22destination%22:%22https://topprizeforyouandme.online%22,%22event_repo...

0
0

42ms
42ms

Fetch
text/css

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227774183008509145905%22,%22debug_reporting%22:true,%22destination%22:%22https://topprizeforyouandme.online%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211334541258%22],%224%22:[%2209-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213423065737176245873%22}&andc=true

Requested by

Host: rate.ee
URL: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:53:55 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"7774183008509145905","debug_reporting":true,"destination":"https://topprizeforyouandme.online","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11334541258"],"4":["09-25"],"6":["true"]},"priority":"500","source_event_id":"13423065737176245873"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Sep 2023 07:53:55 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Sep 2023 07:53:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7774183008509145905","debug_reporting":true,"destination":"https://topprizeforyouandme.online","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11334541258"],"4":["09-25"],"6":["true"]},"priority":"500","source_event_id":"13423065737176245873"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Show response
pagead2.googlesyndication.com/bg/ Frame AF39 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 434071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14709
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 07:19:24 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 41ms
41ms Preflight
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Sep 2023 07:53:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 69E8 42 B
64 B 59ms
44ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMbRI44N77g4RVD6Qq8oKhWZja2OgRj12rp0IzZUjQr-kfyWhTc98fc75j-QgEuzXO85FS2EjyRFURS0qEWepU5OcVlq3NUuquOh29_a_EKu42Y8Ra-qkyjI9ueqeJWRH_OOKNMyaB73G6&sai=AMfl-YRgmIZQUx5u6X_qsVR0jkk93iMasoO4SE4zSWgUh1p0NsIjUmevmpd7Fk2jXaqHPcdxR8w1Lt5cJzqf&sig=Cg0ArKJSzAf65VzOdi86EAE&cid=CAQSGwDICaaNK7ZaBbVMq-o0NnTc8MCdXxK5HUISVRgB&id=lidar2&mcvt=1000&p=0,0,600,120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1610738455&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695628434404&rpt=1049&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 07:53:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 00BE 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssq-XOxqJWF8m48XGiGS_vvLmx_f1xXnOS2jsFhTEPTyNnN2f6MMChobnsqWjQ8IvWSZAjYJ1R8QAa8r_SLZElIpfYavH2uFqx7zDNIcnIAoZQhJmY_SztsvdPq2L8yN08atpp2ga07RaYK&sai=AMfl-YSpYLn3QzM2RFu3urxVIvNhfdfkhQn5Srq4NKHb7X_CY1trhBGon-GGXgHXZ8Mvg0hn-RgGSYVZRwnY&sig=Cg0ArKJSzHT9CkkLDHqgEAE&cid=CAQSGwDICaaNzoE-Fckkxpa9qMjaXPRzXe9J8bEhUBgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=234467127&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695628434399&rpt=1226&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 07:53:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 57ms
56ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230920&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e45923de46a83b5db1e486747c0f14a86cf731c0b61ae766be3e71f137dc1b2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:53:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12246
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 154 KB
52 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2c139511a880da769bd493ab2afb2277c51c4ea6953c6931483b5015fe063c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:53:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53718
x-xss-protection: 0
server: cafe
etag: 5699975504433761830
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 07:53:57 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Sep 2023 07:53:57 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4DAE 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rate.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 46575
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 18:57:42 GMT
expires: Mon, 23 Sep 2024 18:57:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D4DC 829 B
560 B 16ms
16ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c70ae350db817acf9cd8ee86a95a6d787017d58210cd7a7d46793efc89ea7750

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1XUGF8VcJ2E_8Q4IpaC2_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rate.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-1XUGF8VcJ2E_8Q4IpaC2_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 07:53:57 GMT
expires: Mon, 25 Sep 2023 07:53:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/ Frame 7509 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rate.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7905
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 05:42:12 GMT
etag: 2603938475786422795
expires: Mon, 09 Oct 2023 05:42:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/ Frame DF73 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rate.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7905
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 05:42:12 GMT
etag: 2603938475786422795
expires: Mon, 09 Oct 2023 05:42:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/ Frame 2F58 10 KB
4 KB 8ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rate.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7905
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 05:42:12 GMT
etag: 2603938475786422795
expires: Mon, 09 Oct 2023 05:42:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/ Frame 189F 10 KB
4 KB 9ms
9ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rate.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7905
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 05:42:12 GMT
etag: 2603938475786422795
expires: Mon, 09 Oct 2023 05:42:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 7509 4 KB
671 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Sep 2023 07:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 07:10:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Sep 2023 07:53:57 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7509 205 B
229 B 7ms
7ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 21:19:32 GMT
x-content-type-options: nosniff
age: 38065
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 23 Sep 2024 21:19:32 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7509 604 B
628 B 9ms
9ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 09:34:53 GMT
x-content-type-options: nosniff
age: 166744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 22 Sep 2024 09:34:53 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/ Frame 7509 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 21:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 511223485441000916
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 21:49:08 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/ Frame 7509 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 21:49:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 21:49:08 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DF73 6 KB
706 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Sep 2023 07:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 06:57:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Sep 2023 07:53:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame DF73 2 KB
892 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame DF73 23 KB
9 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame DF73 3 KB
1 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame DF73 20 KB
8 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF73 182 KB
57 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 07:53:57 GMT

GET
H3 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame DF73 36 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 09:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:37:14 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2F58 6 KB
706 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Sep 2023 07:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 07:08:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Sep 2023 07:53:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 2F58 2 KB
892 B 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame 2F58 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 2F58 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 2F58 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2F58 182 KB
57 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 07:53:57 GMT

GET
H3 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 2F58 36 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 09:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:37:14 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 189F 14 KB
1 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Sep 2023 07:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 07:19:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Sep 2023 07:53:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 189F 2 KB
892 B 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame 189F 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 189F 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 189F 20 KB
8 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 189F 182 KB
57 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 07:53:57 GMT

GET
H3 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 189F 36 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 09:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:37:14 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/10108009888449648015/ Frame 189F 22 KB
22 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10108009888449648015/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

234e9daa0bc4ba132ed7345d9a471d3e34a5c245a610ec9802f4e4874b33883e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 20:13:11 GMT
x-content-type-options: nosniff
age: 301246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22580
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 20:18:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 20 Sep 2024 20:13:11 GMT

GET
DATA 200
OK truncated
/ Frame 189F 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 189F 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D4DC 0
0 41ms
40ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230920&jk=578727401975580&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H3 200 2ab36c0d951b69d9c04f85f5eb613648.js Show response
www.gstatic.com/mysidia/ Frame D77D 9 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2ab36c0d951b69d9c04f85f5eb613648.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 09:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3933
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:37:13 GMT

GET
H3 200 625aa946105f8e51c6a8dfa504f82be9.js Show response
www.gstatic.com/mysidia/ Frame D77D 142 KB
52 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/625aa946105f8e51c6a8dfa504f82be9.js?tag=video_mra/web_interstitial_raspberry_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db18e79a9f7151821e1a46b9d8a86611fec1408d2f1523e13479e3d275a451f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 01:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53352
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 20:01:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 01:08:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D77D 21 KB
1 KB 17ms
17ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Sep 2023 07:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 06:58:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Sep 2023 07:53:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame D77D 2 KB
892 B 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame D77D 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame D77D 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame D77D 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:05:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D77D 182 KB
57 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 07:53:57 GMT

GET
H3 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame D77D 36 KB
15 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 09:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:37:14 GMT

GET
H3 200 tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response
pagead2.googlesyndication.com/bg/ Frame 4DAE 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:36:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14772
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Sep 2024 07:36:08 GMT

GET
DATA 200
OK truncated
/ Frame 189F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73cd842f173d0d68b94c77327a3db9bc23d9fe532322fb2e2702945f88c99916

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/10108009888449648015/ Frame DF73 50 KB
50 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10108009888449648015/2076313506083323656

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d82e1d84ed0e13f26f202ba15fea76cfb5f1406b2f3ba2de46f1f9edfc9900de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 07:56:28 GMT
x-content-type-options: nosniff
age: 86249
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51644
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 10:13:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 23 Sep 2024 07:56:28 GMT

GET
H3 200 17736692256503650151
tpc.googlesyndication.com/simgad/ Frame DF73 3 KB
3 KB 11ms
10ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17736692256503650151?w=100&h=100

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9144d95a09a10e5b1a7ca7cdc01c64624f11f16b7da0fb6f59145e83a1a947e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:24:54 GMT
x-content-type-options: nosniff
age: 469743
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2719
x-xss-protection: 0
last-modified: Mon, 27 May 2019 08:38:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 18 Sep 2024 21:24:54 GMT

GET
DATA 200
OK truncated
/ Frame DF73 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame DF73 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77fb5978b9aadfefdd6d1b52d12cea1dcd7a27c9826e767eeb6b8084e4803b80

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/17776629092529044980/ Frame 2F58 52 KB
52 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17776629092529044980/2076313506083323656

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed4cbe4f0ca04e51aeaae3618384d2b856d0d01f3c31f1e4505b824c5640815

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 06:15:54 GMT
x-content-type-options: nosniff
age: 437883
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53325
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 19:00:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 19 Sep 2024 06:15:54 GMT

GET
H3 200 8889402257245011188
tpc.googlesyndication.com/simgad/ Frame 2F58 1 KB
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8889402257245011188?w=100&h=100

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d6897d387dfed1f368520b75fdfbaf7abac2c065f4cd92fe1ad5e9e66be3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 06:14:42 GMT
x-content-type-options: nosniff
age: 92355
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1171
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 13:33:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 23 Sep 2024 06:14:42 GMT

GET
DATA 200
OK truncated
/ Frame 2F58 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2F58 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 932883ae19b22f2c41b973d0d857765864da02560238fc600ce820c45da60461

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E02 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js

Requested by

Host: rate.ee
URL: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 434073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14709
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 07:19:24 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 189F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C2AMzkjwRZYPwGY2z6wTe3pnYBbLsv9Jvy4rTtNgR3NkeEAEg1fOUHGCV-vCBjAegAdHyisIDyAEJqQJhMUYfcd-xPqgDAcgDywSqBPgCT9ArAC8bXlunekBW73vtK0CugcJZWpzY1UqjjQE...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225238153908093075732%22,%22debug_reporting%22:true,%22destination%22:%22https://senioren-dating-websites.de%22,%22event_rep...

0
0

42ms
41ms

Fetch
text/css

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225238153908093075732%22,%22debug_reporting%22:true,%22destination%22:%22https://senioren-dating-websites.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22943896913%22],%224%22:[%2209-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222570970716887676209%22}&andc=true

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:53:57 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5238153908093075732","debug_reporting":true,"destination":"https://senioren-dating-websites.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["943896913"],"4":["09-25"],"6":["true"]},"priority":"500","source_event_id":"2570970716887676209"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Sep 2023 07:53:57 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Sep 2023 07:53:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5238153908093075732","debug_reporting":true,"destination":"https://senioren-dating-websites.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["943896913"],"4":["09-25"],"6":["true"]},"priority":"500","source_event_id":"2570970716887676209"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame DF73
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C-uPhkjwRZYHwGY2z6wTe3pnYBbLsv9Jvy4rTtNgR3NkeEAEg1fOUHGCV-vCBjAegAdHyisIDyAEJqQJhMUYfcd-xPqgDAcgDywSqBPcCT9DsdYF93QS9EPkRYlRfnR8jHqe0CC4GeWYDSD8...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211751763075847476528%22,%22debug_reporting%22:true,%22destination%22:%22https://senioren-dating-websites.de%22,%22event_re...

0
0

41ms
41ms

Fetch
text/css

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211751763075847476528%22,%22debug_reporting%22:true,%22destination%22:%22https://senioren-dating-websites.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22943896913%22],%224%22:[%2209-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216916424571474140065%22}&andc=true

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:53:57 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11751763075847476528","debug_reporting":true,"destination":"https://senioren-dating-websites.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["943896913"],"4":["09-25"],"6":["true"]},"priority":"500","source_event_id":"16916424571474140065"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Sep 2023 07:53:57 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Sep 2023 07:53:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11751763075847476528","debug_reporting":true,"destination":"https://senioren-dating-websites.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["943896913"],"4":["09-25"],"6":["true"]},"priority":"500","source_event_id":"16916424571474140065"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Show response
pagead2.googlesyndication.com/bg/ Frame A031 37 KB
14 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js

Requested by

Host: rate.ee
URL: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 434073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14709
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 07:19:24 GMT

GET
H3 200 hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Show response
pagead2.googlesyndication.com/bg/ Frame CB4F 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js

Requested by

Host: rate.ee
URL: https://rate.ee/guessme/guess?game_id=475518161&str=MTAzMzU5Ny45MjAxNDAuNzMwOTAxLjE3NDU4NDAuODk3MDg0LjIyODM5ODM=&hash=54800&mst=3ec--2289929--gsm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 434073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14709
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 07:19:24 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 2F58
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C7YZRkjwRZYLwGY2z6wTe3pnYBdTVp4FzqZnYvYES_YHktusCEAEg1fOUHGCV-vCBjAegAcq_3ZwqyAEJqAMByAPLBKoE7wJP0IsuEy5eFPmQ8HaZNh03bPz7CvV6Q1Rk7xKcIpJH7brgmot...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226710934455497097331%22,%22debug_reporting%22:true,%22destination%22:%22https://topprizeforyouandme.online%22,%22event_repo...

0
0

43ms
43ms

Fetch
text/css

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226710934455497097331%22,%22debug_reporting%22:true,%22destination%22:%22https://topprizeforyouandme.online%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211334541258%22],%224%22:[%2209-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222585091395399244881%22}&andc=true

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:53:57 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"6710934455497097331","debug_reporting":true,"destination":"https://topprizeforyouandme.online","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11334541258"],"4":["09-25"],"6":["true"]},"priority":"500","source_event_id":"2585091395399244881"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Sep 2023 07:53:57 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Sep 2023 07:53:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6710934455497097331","debug_reporting":true,"destination":"https://topprizeforyouandme.online","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11334541258"],"4":["09-25"],"6":["true"]},"priority":"500","source_event_id":"2585091395399244881"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js Show response
pagead2.googlesyndication.com/bg/ Frame C95E 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd6OEElWfwYGZaCPT5eErxVu3EhHI0c6zUCVPrO95VA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 434073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14709
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 07:19:24 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 41ms
41ms Preflight
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Sep 2023 07:53:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 41ms
41ms Preflight
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Sep 2023 07:53:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 43ms
42ms Preflight
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Sep 2023 07:53:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4DAE 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QnBANg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 07:53:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230920&jk=578727401975580&bg=!cnGlcT7NAAYrDsWMCw47ADQBe5WfOGiIe25r8CrP1Bb8bIQqkIlcmKCk2NBzUPVYHERkPhSP3-UlfSKa9VsuI67-C2cuAgAAATlSAAAACmgBBwoAxhGDjogODLfhsKalprNcDivUIVvC7KWXwK7v3IKJwToofi6YkZ3UJyBJTBOA-W7MmMIooVqgc3B5oIurZgkNmTfZz26WkJjxLRYUxmSeCGSGiHO0mBnRb7s0Tt_dBltSc-dJ_eFCRVRsi_PyH4cPYxQlFlMz9lpCAO9JEkACKVhRRYJNCo9s478qONtxGiQsXUvsRSQx5o1fUjIJKCgpeX2-XMltWJhGHwE8994bajiwR_RiN4reqgLrzOqZFGAAUuYpWSmTnpkCu0k8G-kWW-qbX6QwIFF5GXV1ygote-0MklP6J3XJMbAxDtWnnfia3DEDuQFPCv8xx4Ztr9wxvV30MLi4gLhJfoMGSQIkxc1ByAg8B1ffzMim6a6MK4CL3NxTekt59d40rLNpNeX3VUSIcy5pQltrRKLW2B-mHglrzQNGrnjglarj6OJAvdKXNVwzIMaPJph7HKwjzl1BWYNpbo9paMAc9N1bq8d36a59LUpO_RQdfJ4f061ZgSi4bVmhHzTYTQAegavpmumpPa70LRZrdnKrT2hNgCnL26NpYs4rinSTLtsro3SOtfvP5g3381tzYuN2cgGgX78XIoA2nB6WtHdse_ng5osSV4lUfbB5UNw2pD6yzPNcS--mOqCitaJAa-Y110xNubgLYh6iUuw7GteOm_zm6zAlDdAflQXDt0S0o2ePkfrEgHXiC91xvxIPECGyvT0Wx2BOLRSXcrZ_E561YPo1TI-0hXTTp216T76Oioq6Md5LtVX7L-RGVWBTozZeC8dxZKtuc6jXiGE-iyjFpilhRsJiA065l0zBxc2CKFOEkgZoNIW8bfaZVofpJQILI_Qjm61PE-MaIq7ddsWpXGvoF_hGEudJWPT8edLL0vgN-mcqc1xeBrq_XVhqHwweJeorfA1TBa6PCsy_cjqhEgin74cCEODMzwPOEmldyXDfwmeYwNkdmxPGWgKOZgqE9ds5OZrPrWhe5JxpB7p1C2nmyvFJX1izwyI4rc-fw3PMCWptPkU2PpP0Vxhfg2ZW8kMUt0JRjfRQd1K9UGyykEtKsKTkfm0vk5VhClgfmwFTIsSMVhSbP-bprpxwCCVzIjYsF-ntsf2vTz08XkSpBLHeUBXUv9_itNb0_JBQWYwdVUwxTtSg0DX5vaXCZUZRKQ0CSY-0lTWNPGu0ZvLPVL-FNRUtlIwTKWjlZg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rate.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DF73 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNApPEk-Iqvz12kP98-XP-tleDHEZl20b762KJYhv4HVE2-VF4fhEM8_ykL_vWwaMlZb9f4pWeWrpI2fsbP874k5tYojhwJBcaYp4t0SG6YAJcz_zd4OkEFqQimwv5ZGrE_nms9vqtsX13&sai=AMfl-YQcukOI10XQ-W_chSFC0UCjswiK_1nFA3jSslRKyEYsf_CHPbADaDK6ZTXjvLzlHurYYVC_5cqqaC0b&sig=Cg0ArKJSzOmUv3hc9lQlEAE&cid=CAQSGwDICaaNzrdkxphDNrUqFPZBFzWKeTcLXFldhxgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695628437202&rpt=231&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 07:53:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2F58 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZ_UaErwL_Wb6_U6h_vQzplNXnPE0IjXumcQ0SfLXpGs0nAxOOOaxUBLopoxEBBTA-tRSg653Mhy2ZhMO3PgzyJURR02s_1K6JVcO_vluk5I3BNRJpG-x5ASEPMCPMDG8dQ9MpHA0gdR56&sai=AMfl-YS1MsqfZA_aANLyzUaKMXc-QcOPsxGzdgZtUOcwn_smJj5WjSFER2CF2m5Sb6GkhHetC9x24xmEzgBK&sig=Cg0ArKJSzNeGDP-KChbIEAE&cid=CAQSGwDICaaNzrdkxphDNrUqFPZBFzWKeTcLXFldhxgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695628437204&rpt=260&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 07:53:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 189F 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshiuRyRzIgO1-7EOLz2-fV7i1sduwhO0L7VXm9g2BUZwRucOzGJk25TJqurn-bPCJsN8NhhiKvemgpuCYoX4h8FVWQpyW6gxrcBkxyLOcWQVwt_S2-WbXr-Jw6yC0mJEnNgFC_Q7qp-Ck5&sai=AMfl-YTOTP_9CpFDqfxjUTAaNODzMFjHzFz3je1WZgnC3cJeMvN2qcFJIB3dUDwbAjFxwrHHAgoJzfAAycPs&sig=Cg0ArKJSzOxjVoMknVOmEAE&cid=CAQSGwDICaaNzrdkxphDNrUqFPZBFzWKeTcLXFldhxgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=177,860,1000,1130,1171&tos=177,683,140,130,41&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695628437205&rpt=293&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 07:53:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rate.ee/	1970-01-20 15:43:40	Name: from_mobile_browser Value: 0
.rate.ee/	1970-01-20 15:01:54	Name: session Value: d46f5d4eca76d4cb341eb147d2a4c65134edc824%7E65113c91886c0
.rate.ee/	1970-01-20 15:00:50	Name: site_stats Value: 49eb63246073aeb92143e51482b2e15de938137c%7E1
.rate.ee/	1970-01-20 23:46:25	Name: stats Value: 2b1269be0be0c993a6a900d4185eac55a222a263%7E16956284335672_9dfd77568ede4d3e29edd4c7f60762cb
.rate.ee/	1970-01-20 15:50:28	Name: unqid Value: 25aff559de589f8f470e5ea1fd507f2d9fa9ba50%7Eb0af6324a558a631b898bfc60876cec4%3A2289929%3Ac8d9e76479
.rate.ee/	1970-01-20 15:43:40	Name: browser_info Value: a%3A2%3A%7Bs%3A4%3A%22name%22%3Bs%3A6%3A%22chrome%22%3Bs%3A7%3A%22version%22%3Bs%3A13%3A%22117.0.5938.92%22%3B%7D
payment.maksekeskus.ee/	1970-01-20 15:10:33	Name: AWSALBCORS Value: 3Xttgz8xLG2k2M0wOUrNYWQzN+0jUvRK/x9U7oBTfY82pYK07fTrdnIr963KXaELevu74rekEDe4AzY5niUuTYhhzYjFoVjm7nsUD3EmCuhvMA/53xoYGGwSwaQ5
.rate.ee/	1970-01-21 00:36:28	Name: _ga_QM6LE11PBL Value: GS1.1.1695628434.1.0.1695628434.60.0.0
.rate.ee/	1970-01-21 00:36:28	Name: _ga Value: GA1.2.50141772.1695628434
.rate.ee/	1970-01-20 15:01:54	Name: _gid Value: GA1.2.1923906550.1695628434
.rate.ee/	1970-01-20 15:00:28	Name: _gat_gtag_UA_130487518_7 Value: 1
.rate.ee/	1970-01-21 00:22:04	Name: __gads Value: ID=6f3a18c2c1d0303d-2246544c91de007c:T=1695628434:RT=1695628434:S=ALNI_MbyrGBr-cMsWu_-cFe8F47OYl5K8Q
.rate.ee/	1970-01-21 00:22:04	Name: __gpi Value: UID=00000c835a20a659:T=1695628434:RT=1695628434:S=ALNI_MbdkD2AVzoDm-IerV1Mm_i0n2fbCQ
.doubleclick.net/	1970-01-21 00:22:04	Name: IDE Value: AHWqTUkPbGErAB0-KTkcSdXwC5JnMMseuAee_o-GfUNGj_EvJ-nqwGKr3hhlnRhURWQ
.doubleclick.net/	1970-01-20 15:00:32	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 17:10:04	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 15:00:29	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buttons-config.sharethis.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
l.sharethis.com
pagead2.googlesyndication.com
partner.googleadservices.com
payment.maksekeskus.ee
platform-api.sharethis.com
rate.ee
region1.analytics.google.com
static.cc.maksekeskus.ee
stats.g.doubleclick.net
tpc.googlesyndication.com
www.flirtic.ee
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
13.32.99.51
142.250.184.194
143.204.215.54
18.202.104.29
2001:1b28:4::8:176
2001:4860:4802:32::36
212.7.8.176
2600:9000:206f:d400:c:abe:f440:93a1
2a00:1450:4001:802::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:400c:c00::9d
2a03:2880:f083:9:face:b00c:0:3
3.120.109.48
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
042f342e4594a3cf31c667b3170b1d817e0cb2000ab5a0e3b480630d42d1b786
08e8045d61b260e4d09c6912fe94449fe11e7ff90229c6ebf3252bd1042d58e3
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0db18e79a9f7151821e1a46b9d8a86611fec1408d2f1523e13479e3d275a451f
0decbf4cc48bc52acb9a581053da101786c6ebf5db4f32442746809e9ed9e4d8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
234e9daa0bc4ba132ed7345d9a471d3e34a5c245a610ec9802f4e4874b33883e
2452bb58933ccc070d7cb8888c176e69d938257f5d41eed0bb5e1f977c8afe9c
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d18b05b2339f15427184f128a119e379f43dde095fede11b03e1a9fe4ee74f6
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
47d6897d387dfed1f368520b75fdfbaf7abac2c065f4cd92fe1ad5e9e66be3c1
4be2e4cc6c402759c5835e32ab13cbb8bffd2f5dfd5fd269667c6b91ed10e875
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ed4cbe4f0ca04e51aeaae3618384d2b856d0d01f3c31f1e4505b824c5640815
50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5657f186f6109246cdadd0a78c111f943df17d1579d86d1e279a107f1cb8761c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d44be5b725c4120d3833a4389d5e430a19cec58bb5195156432a9ee3cabb59b
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
654ca62a44d606c34109f83319908294241c2e257894ee81457f80bb2d7607e5
655b0939c72bf138f8db55b3441275af66c6fea10cc02d5d192f00863a988b24
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
73cd842f173d0d68b94c77327a3db9bc23d9fe532322fb2e2702945f88c99916
76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f
77fb5978b9aadfefdd6d1b52d12cea1dcd7a27c9826e767eeb6b8084e4803b80
7f11be23b6de686f4dfb0717c7fc99da7d848c490afd22898c96bd4a74429e1d
80ac918a1d2f34fe675770b2d9791cda6b869612413aa1f3aadf1f25de5f3c0b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85de8e1049567f060665a08f4f9784af156edc484723473acd40953eb3bde550
89dd38c767a799ac37b41ba6634f59b46462b8e7cbfb0945ea731159aee625bb
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
932883ae19b22f2c41b973d0d857765864da02560238fc600ce820c45da60461
97cb891e93d88c362cca2c8612c3760d3922c494b6e872e7456f8a720c82d8cb
9800fff2cb9ae9bb0b674ddc1992527b957e9be7a0d89ff50c7798aade899e73
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9cd6abaaf1c1ee1a625e52217a7ed9ffb915bd8ec0fbbd24116c38ae0b5b5948
a265f395b7a66645cf32f80a4d71c34199485e2fef9325c345705c74301f2907
a5cbe189871c0b11e6ef8a51e8dae64ee05a227a1c32bc0c2cba637c75d686a2
a9c59ae4bf5ea442ce8e6b38355ce5a205fb365395d99002ac7f95d0ee512f17
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
af2c6e1ba1bc410b517a346da7dad3f1d9e5a165842b2b14b86f92b139b6a6e9
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
ba429a23792effaeb138507bdd0df6278e1b83698cbec57abe90778bd36d4489
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
bdfaa4dc355826fce3573aea13b241ce82481a0196f7686eff1f2c93a504bb89
c2c139511a880da769bd493ab2afb2277c51c4ea6953c6931483b5015fe063c2
c3c91937ef5551f1687d7f382dd49bcc61f1ab259427e81196e3117c25445217
c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48
c70ae350db817acf9cd8ee86a95a6d787017d58210cd7a7d46793efc89ea7750
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d82e1d84ed0e13f26f202ba15fea76cfb5f1406b2f3ba2de46f1f9edfc9900de
d9144d95a09a10e5b1a7ca7cdc01c64624f11f16b7da0fb6f59145e83a1a947e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de4b4fdf8c32bbfd89070607570f9260398a51b4f9f944c74eb499d9a443ad8f
e19ada6bef2ac3d4e7a3c28001b3075c32e31ccc3232d1edd23cbeaac309be82
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4319b5971af5634caab019d294577446af26d180e810cbd2f92fe932a4d6f2f
e45923de46a83b5db1e486747c0f14a86cf731c0b61ae766be3e71f137dc1b2d
ed1ced68d89f573d2ce5b3495f9b9f51e9838a1ffdd3d3c702b15f1506a421c2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f260739e4241db0d9fe2a3a8fd4f64b9c73ae245a97e29c3c2806302d46178ad
f45795e6d30a8ad5860c64ac1f02481e9e0c322b73834ff744273cdb86b7a574
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9d11da85968a6a4b33c7497f2ca42db7f86812efb66ee6f309d58d1c559ce1b
fa123f594bff50c613493e8066f45a6e7d7bfc65680e56bc84d68ea77e0b4876
fae84ceadbdf91e9803710b57915d93055d842e1e78acf12f01853eba4c6cfc3

rate.ee Open in urlscan Pro 212.7.8.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

134 Requests

96 %HTTPS

74 %IPv6

15 Domains

23 Subdomains

23 IPs

5 Countries

2132 kBTransfer

6447 kBSize

17 Cookies

1 Outgoing links

Page URL History

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rate.ee Open in urlscan Pro
212.7.8.176 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

96 %
HTTPS

74 %
IPv6

15
Domains

23
Subdomains

23
IPs

5
Countries

2132 kB
Transfer

6447 kB
Size

17
Cookies

134 HTTP transactions
11 data transactions