arazu.io Open in urlscan Pro
2400:52e0:1e00::1078:1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://arazu.io/
Effective URL:
https://arazu.io/
Submission: On May 10 via manual (May 10th 2023, 9:33:19 pm UTC) from IN — Scanned from DE

Summary HTTP 77 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 8 countries across 21 domains to perform 77 HTTP transactions. The main IP is 2400:52e0:1e00::1078:1, located in Germany and belongs to BUNNYCDN, SI. The main domain is arazu.io. The Cisco Umbrella rank of the primary domain is 967021.
TLS certificate: Issued by R3 on May 5th 2023. Valid for: 3 months.

This is the only time arazu.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2400:52e0:1e0... 2400:52e0:1e00::1078:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
21	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba29	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3 12	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.171.84 37.252.171.84	29990 (ASN-APPNEX) (ASN-APPNEX)
2	130.211.44.5 130.211.44.5	15169 (GOOGLE) (GOOGLE)
1	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
2 2	3.125.249.165 3.125.249.165	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:1a95:7ea:ebf7:b0a7	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.165 213.155.156.165	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
77	23

2 2400:52e0:1e00::1078:1 (Germany) 1 redirects

ASN200325 (BUNNYCDN, SI)

arazu.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.44.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.44.211.130.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.249.165 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-249-165.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:1a95:7ea:ebf7:b0a7 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.165 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.233 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	350 KB
21	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 91 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 234 ad.doubleclick.net — Cisco Umbrella Rank: 173 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 357	57 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4217 adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	135 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 496 rtb0.doubleverify.com — Cisco Umbrella Rank: 756 rtbc-ew1.doubleverify.com — Cisco Umbrella Rank: 86510	21 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	3 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5171 adservice.google.de — Cisco Umbrella Rank: 7680	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 746	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 585	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5492	655 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 848	2 KB
2	arazu.io 1 redirects arazu.io — Cisco Umbrella Rank: 967021	5 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 311	173 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 352	461 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 448	715 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1581	587 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1044	601 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	30 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	78 KB
0	Failed function sub() { [native code] }. Failed
77	21

	Domain	Requested by
21	pagead2.googlesyndication.com	arazu.io pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net
12	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
10	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net pagead2.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net cdn.doubleverify.com www.googletagservices.com ad.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	image6.pubmatic.com	2 redirects
2	c1.adform.net	2 redirects
2	d5p.de17a.com	2 redirects
2	pm.w55c.net	2 redirects
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	cdn.doubleverify.com	googleads.g.doubleclick.net cdn.doubleverify.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	arazu.io	1 redirects
1	s0.2mdn.net	ad.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	ad.doubleclick.net	www.googletagservices.com
1	rtbc-ew1.doubleverify.com	cdn.doubleverify.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	arazu.io
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	cdn.jsdelivr.net	arazu.io
1	www.googletagmanager.com	arazu.io
0	.webp Failed	arazu.io
77	31

This site contains no links.

Subject Issuer	Validity	Valid
arazu.io R3	`2023-05-05` - `2023-08-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://arazu.io/
Frame ID: 126A5800F97A44506AFBAD119EF03296
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230508/r20190131/zrt_lookup.html
Frame ID: 824C0CE5B80A72759FEDC1E410D17551
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7904588434615810&output=html&adk=1812271804&adf=3025194257&lmt=1683754394&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x945_l%7C500x945_r&format=0x0&url=https%3A%2F%2Farazu.io%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683754394336&bpp=2&bdt=196&idt=297&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=559176557707&frm=20&pv=2&ga_vid=1129290202.1683754394&ga_sid=1683754395&ga_hid=2043408544&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C42532089%2C44773809%2C42532185%2C31071756%2C31074432%2C31074458%2C44788442%2C44790154&oid=2&pvsid=1338657298236137&tmod=344725728&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=322
Frame ID: 2AA73EA14EB74A1B3618778D331939F9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7904588434615810&output=html&h=600&slotname=3442238449&adk=4167361309&adf=1058229150&pi=t.ma~as.3442238449&w=196&fwrn=4&fwrnh=100&lmt=1683754394&rafmt=1&format=196x600&url=https%3A%2F%2Farazu.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683754394895&bpp=2&bdt=755&idt=2&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D84274cd854f0948f-227607e6c6dd00e5%3AT%3D1683754394%3ART%3D1683754394%3AS%3DALNI_MZiwCpjdQuMzGNNiqj9J8ue4SZu8w&gpic=UID%3D00000bf96b6ef0da%3AT%3D1683754394%3ART%3D1683754394%3AS%3DALNI_Mb6f5M4NgrqJgC4sUh-EQqLj4m8sg&prev_fmts=0x0&nras=1&correlator=559176557707&frm=20&pv=1&ga_vid=1129290202.1683754394&ga_sid=1683754395&ga_hid=2043408544&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1252&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C42532089%2C44773809%2C42532185%2C31071756%2C31074432%2C31074458%2C44788442%2C44790154&oid=2&pvsid=1338657298236137&tmod=344725728&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QZUvWx56pG&p=https%3A//arazu.io&dtd=7
Frame ID: 9441117757E5358F05044E19E17CAC31
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuZiLQEEMbr4LgEGJSO6-gBMAE&v=APEucNWA5Yi4zgUWsQ98g4Jb6Sbqu10Vs1ibkzYWJ-kCcqo2kxWcLmlQQxw00wt8kEJG1vMfGDRCLR8w9-vjOEv2lOyq-RtA1HO1KnUXsIroTHhmQhXyjvK5PKIpiIp_MGZyMQrbUW9Iax_BDqRiYH-Pws_Ju9JNtyYk8qAdABak6ZipavSLpdM
Frame ID: 4E182B4A72D0B8B9E4BC1EA3B9273721
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: CD78AB865F5B9D66EF3D6EEEDA76CDAC
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0C37C3111FED37F42BE0F75AF15583A0
Requests: 3 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=95.280;sz=160x600;u_sd=1;dc_adk=2365659248;ord=c1z723;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Farazu.io%2F$0;xdt=1;crlt=c-n!q!*rHG;stc=1;chaa=1;sttr=38;prcl=s
Frame ID: F4220184324950AFCCFFC50A653FDE34
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 98FF986402732C6B2AC54BE9E4661BB7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 19BF38AFF6505563520D5C3CBF7C5E9E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js
Frame ID: 8C1E141B5A1481931866070EC9F1A885
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6BFE68B75B62FE3BA143067E39623590
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 79D2E3C50180499568F018BAD036EFDB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://arazu.io/ HTTP 301
https://arazu.io/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

77
Requests

81 %
HTTPS

59 %
IPv6

21
Domains

31
Subdomains

23
IPs

8
Countries

856 kB
Transfer

2150 kB
Size

19
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://arazu.io/ HTTP 301
https://arazu.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKlvkNw6jikMiL5ZMFMeTE0&google_cver=1

Request Chain 36

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFwNnJSgZcTkHXcgMMEZ-gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKlvkNw6jikMiL5ZMFMeTE0&google_cver=1

Request Chain 37

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECYFFeVPU0TpzX3YXaq57KY&google_cver=1

Request Chain 38

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc4MjA1NzM5OTgxMzE0ODIwMA%3D%3D

Request Chain 53

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENa641fK3iTq89cWjBrFqYg&google_cver=1&google_push=ATf1kGNYzh__bt9zor9NcIQ-CzlQns29-TSHCrcTTfcJNpNwA3as3gCuqyb0Y7uhGKCRyjRBPU9Jp3iQWPU7BPbQnosQf_y9Eat5Obg HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENa641fK3iTq89cWjBrFqYg&google_cver=1&google_push=ATf1kGNYzh__bt9zor9NcIQ-CzlQns29-TSHCrcTTfcJNpNwA3as3gCuqyb0Y7uhGKCRyjRBPU9Jp3iQWPU7BPbQnosQf_y9Eat5Obg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OHB2Y0FzeWUxUFdScVk1&google_gid=CAESENa641fK3iTq89cWjBrFqYg&google_cver=1&google_push=ATf1kGNYzh__bt9zor9NcIQ-CzlQns29-TSHCrcTTfcJNpNwA3as3gCuqyb0Y7uhGKCRyjRBPU9Jp3iQWPU7BPbQnosQf_y9Eat5Obg

Request Chain 54

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEG5KmIsJKrG1zIp0Ri_1BgI&google_cver=1&google_push=ATf1kGMi3kAf0AF7Lgny4OH1fhvpZWiH_QgB3pTM27kQETkVLpoq4KR9KkrX2Hg3IugdRr_sObxNC1D65hoQ_4O_sMpwAS53ix6waOM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMTY3MDA2NTMzNjY3ODU1Mw%3D%3D&google_push=ATf1kGMi3kAf0AF7Lgny4OH1fhvpZWiH_QgB3pTM27kQETkVLpoq4KR9KkrX2Hg3IugdRr_sObxNC1D65hoQ_4O_sMpwAS53ix6waOM

Request Chain 55

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDi95W7dK34aYhDNKk8-kWc&google_cver=1&google_push=ATf1kGMF57Ts0TjU_vzrXkiod1Oa3RAe6k4ywRDE7ha1n8KmladRdn5OQnOVHi1fabLm0ibPcHfCgS1VYLh9fLRmYO7bIWo4_yVU5kqn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMF57Ts0TjU_vzrXkiod1Oa3RAe6k4ywRDE7ha1n8KmladRdn5OQnOVHi1fabLm0ibPcHfCgS1VYLh9fLRmYO7bIWo4_yVU5kqn&google_hm=eS1rWXJKWkhKRTJwRWV5cDlWalJOcmVVeU5UUXFBYmMxR35B

Request Chain 56

https://d5p.de17a.com/cookies/google?google_gid=CAESEKY3-0uejzn2kT8DflSgOnI&google_cver=1&google_push=ATf1kGMUNGlXFkPFhIA5S9N6DgGTR7QSagK0HQ0AdZzzT5hRj2Khm4qS43kRArhEqISlyEMkYUhtPDySZ9igHRoW1J26GQGAfzXFYUPt HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEKY3-0uejzn2kT8DflSgOnI&google_cver=1&google_push=ATf1kGMUNGlXFkPFhIA5S9N6DgGTR7QSagK0HQ0AdZzzT5hRj2Khm4qS43kRArhEqISlyEMkYUhtPDySZ9igHRoW1J26GQGAfzXFYUPt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMUNGlXFkPFhIA5S9N6DgGTR7QSagK0HQ0AdZzzT5hRj2Khm4qS43kRArhEqISlyEMkYUhtPDySZ9igHRoW1J26GQGAfzXFYUPt

Request Chain 57

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB3IGHFA45svwmDa_tUEAc0&google_cver=1&google_push=ATf1kGNcaY--2HEPGn9SvgvPXHozaaCfWn6DHUuEsfD0pR3ECt5dmvomQU9_JqKWKc-HAynpOtlqT63y9PPs3Um0Qe8dORnsR6wMf_tV HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEB3IGHFA45svwmDa_tUEAc0&google_cver=1&google_push=ATf1kGNcaY--2HEPGn9SvgvPXHozaaCfWn6DHUuEsfD0pR3ECt5dmvomQU9_JqKWKc-HAynpOtlqT63y9PPs3Um0Qe8dORnsR6wMf_tV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA0MzY2MDM1OTM0NDU4OTM5Nw&google_push=ATf1kGNcaY--2HEPGn9SvgvPXHozaaCfWn6DHUuEsfD0pR3ECt5dmvomQU9_JqKWKc-HAynpOtlqT63y9PPs3Um0Qe8dORnsR6wMf_tV

Request Chain 58

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMXIIShD-1XPa_0176KcEBM&google_cver=1&google_push=ATf1kGNi1TpOwfJseVcko_w6-WS31QNCwc_LLSJREDdjYmwp21yHbo9Gq5HMuRuUx_LY4CNZFkKUMCjueZkX0XISkUX8h6rYeqOQPB8 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMXIIShD-1XPa_0176KcEBM&google_cver=1&google_push=ATf1kGNi1TpOwfJseVcko_w6-WS31QNCwc_LLSJREDdjYmwp21yHbo9Gq5HMuRuUx_LY4CNZFkKUMCjueZkX0XISkUX8h6rYeqOQPB8&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ycibrNLhRbi7vzfSLXYrSA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNi1TpOwfJseVcko_w6-WS31QNCwc_LLSJREDdjYmwp21yHbo9Gq5HMuRuUx_LY4CNZFkKUMCjueZkX0XISkUX8h6rYeqOQPB8

Request Chain 59

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKFBxu4Qi8Dw06uyJUsaraw&google_cver=1&google_push=ATf1kGPGszm8w8v-sIUYi67i8Uz6jUFyZWe2WWCB4aogxPVjaC0ixQPi5m9aLhvIWXbxmygo26FnI3mr5E-Fy_wmg3cfmHLB4knODnQB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhJN1c3RlktVS1HQk1C&google_push=ATf1kGPGszm8w8v-sIUYi67i8Uz6jUFyZWe2WWCB4aogxPVjaC0ixQPi5m9aLhvIWXbxmygo26FnI3mr5E-Fy_wmg3cfmHLB4knODnQB

77 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
arazu.io/
Redirect Chain

http://arazu.io/
https://arazu.io/

17 KB
5 KB

90ms
30ms

Document
text/html

2400:52e0:1e00::1078:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://arazu.io/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1078 /
Resource Hash: c93325f0a1eb4bf5e2058a7c78ea709ce5e15bb0b14e9323616d332839e5e7c2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=1200
cdn-cache: HIT
cdn-cachedat: 05/10/2023 21:27:30
cdn-edgestorageid: 1053
cdn-proxyver: 1.03
cdn-pullzone: 949544
cdn-requestcountrycode: DE
cdn-requestid: fb8f7f24a23dad7bc430847c8a169d92
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: ebbb9230-025d-4974-a804-896e90c1aca3
content-encoding: br
content-type: text/html
date: Wed, 10 May 2023 21:33:14 GMT
server: BunnyCDN-DE1-1078
vary: Accept-Encoding
x-amzn-requestid: e0048864-e632-409e-8af9-f07b384da756
x-amzn-trace-id: root=1-645c0bdb-49a9112978f71be9179a4e96;sampled=0;lineage=633edd08:0

Redirect headers

CDN-PullZone: 949544
CDN-RequestCountryCode: DE
CDN-RequestId: 6675db13d410e6434aac6351a6d454e3
CDN-Uid: ebbb9230-025d-4974-a804-896e90c1aca3
Cache-Control: public, max-age=1200
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 10 May 2023 21:33:14 GMT
Location: https://arazu.io/
Server: BunnyCDN-DE1-1078

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
78 KB 86ms
36ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C50PTYCBF1

Requested by

Host: arazu.io
URL: https://arazu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de888581f50300c283ac747272e2765bcd8d0f5fd92b2d149c3c939228d71a71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arazu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 21:33:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79973
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 May 2023 21:33:14 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/ 190 KB
30 KB 678ms
227ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css

Requested by

Host: arazu.io
URL: https://arazu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://arazu.io/
Origin: https://arazu.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 10 May 2023 21:33:14 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3097510
x-jsd-version: 5.2.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30336
x-served-by: cache-fra-eddf8230072-FRA, cache-gig2250070-GIG
x-jsd-version-type: version
etag: W/"2f955-er7QcON84GDApWFXXx1Bp/JI/HQ"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 136ms
73ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7904588434615810

Requested by

Host: arazu.io
URL: https://arazu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8e61af9dd2919bdbbdb8b5ab37c6b07992d91e6b66099c4ac801b30f53d2216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arazu.io/
Origin: https://arazu.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 21:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47532
x-xss-protection: 0
server: cafe
etag: 5255742595907282083
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 10 May 2023 21:33:14 GMT

GET /
.webp/ 0
0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
249 B 102ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-C50PTYCBF1&gtm=45je3580&_p=2043408544&_gaz=1&cid=1129290202.1683754394&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683754394&sct=1&seg=0&dl=https%3A%2F%2Farazu.io%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C50PTYCBF1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arazu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 21:33:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://arazu.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
240 B 85ms
28ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C50PTYCBF1&cid=1129290202.1683754394&gtm=45je3580&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C50PTYCBF1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arazu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 21:33:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://arazu.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 101ms
47ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-C50PTYCBF1&cid=1129290202.1683754394&gtm=45je3580&aip=1&z=183635808

Requested by

Host: arazu.io
URL: https://arazu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arazu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 21:33:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET /
.webp/ 0
0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/ 355 KB
120 KB 143ms
100ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7904588434615810&plah=arazu.io&bust=31074458

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7904588434615810

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5459f61e54c1830a3c4630eed00bb675b2c0a975849dbb4920e705ba6f253172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arazu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 21:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122343
x-xss-protection: 0
server: cafe
etag: 4267768899707816658
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 May 2023 21:33:14 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230508/r20190131/ Frame 824C 10 KB
5 KB 73ms
22ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230508/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7904588434615810

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arazu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19496
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 May 2023 16:08:18 GMT
etag: 15057649708203361565
expires: Wed, 24 May 2023 16:08:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
601 B 82ms
30ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=arazu.io&callback=_gfp_s_&client=ca-pub-7904588434615810

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7904588434615810&plah=arazu.io&bust=31074458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24beec90360fbc4dcca39789546b5449e0834fffef9e21a76f0040d2326ca8ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arazu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 21:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 105ms
32ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=arazu.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arazu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 21:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 100ms
33ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=arazu.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arazu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 21:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2AA7 0
188 B 227ms
226ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7904588434615810&output=html&adk=1812271804&adf=3025194257&lmt=1683754394&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x945_l%7C500x945_r&format=0x0&url=https%3A%2F%2Farazu.io%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683754394336&bpp=2&bdt=196&idt=297&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=559176557707&frm=20&pv=2&ga_vid=1129290202.1683754394&ga_sid=1683754395&ga_hid=2043408544&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C42532089%2C44773809%2C42532185%2C31071756%2C31074432%2C31074458%2C44788442%2C44790154&oid=2&pvsid=1338657298236137&tmod=344725728&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=322

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arazu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 May 2023 21:33:14 GMT
expires: Wed, 10 May 2023 21:33:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET /
.webp/ 0
0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 32ms
31ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=arazu.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arazu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 21:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 34ms
33ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=arazu.io

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arazu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 21:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9441 32 KB
12 KB 989ms
989ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7904588434615810&output=html&h=600&slotname=3442238449&adk=4167361309&adf=1058229150&pi=t.ma~as.3442238449&w=196&fwrn=4&fwrnh=100&lmt=1683754394&rafmt=1&format=196x600&url=https%3A%2F%2Farazu.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683754394895&bpp=2&bdt=755&idt=2&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D84274cd854f0948f-227607e6c6dd00e5%3AT%3D1683754394%3ART%3D1683754394%3AS%3DALNI_MZiwCpjdQuMzGNNiqj9J8ue4SZu8w&gpic=UID%3D00000bf96b6ef0da%3AT%3D1683754394%3ART%3D1683754394%3AS%3DALNI_Mb6f5M4NgrqJgC4sUh-EQqLj4m8sg&prev_fmts=0x0&nras=1&correlator=559176557707&frm=20&pv=1&ga_vid=1129290202.1683754394&ga_sid=1683754395&ga_hid=2043408544&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1252&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C42532089%2C44773809%2C42532185%2C31071756%2C31074432%2C31074458%2C44788442%2C44790154&oid=2&pvsid=1338657298236137&tmod=344725728&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QZUvWx56pG&p=https%3A//arazu.io&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8114aeda00ce280c3d10e65e7aceca437eccbe6cf6bd301d9980e1fb9c795cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arazu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12123
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 May 2023 21:33:15 GMT
expires: Wed, 10 May 2023 21:33:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 183 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8c89b0459ec4d6069037002ff5d824395ff37dbf866bc4298fce22d336b182a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET /
.webp/ 0
0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4E18 624 B
242 B 64ms
63ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuZiLQEEMbr4LgEGJSO6-gBMAE&v=APEucNWA5Yi4zgUWsQ98g4Jb6Sbqu10Vs1ibkzYWJ-kCcqo2kxWcLmlQQxw00wt8kEJG1vMfGDRCLR8w9-vjOEv2lOyq-RtA1HO1KnUXsIroTHhmQhXyjvK5PKIpiIp_MGZyMQrbUW9Iax_BDqRiYH-Pws_Ju9JNtyYk8qAdABak6ZipavSLpdM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7904588434615810&output=html&h=600&slotname=3442238449&adk=4167361309&adf=1058229150&pi=t.ma~as.3442238449&w=196&fwrn=4&fwrnh=100&lmt=1683754394&rafmt=1&format=196x600&url=https%3A%2F%2Farazu.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683754394895&bpp=2&bdt=755&idt=2&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D84274cd854f0948f-227607e6c6dd00e5%3AT%3D1683754394%3ART%3D1683754394%3AS%3DALNI_MZiwCpjdQuMzGNNiqj9J8ue4SZu8w&gpic=UID%3D00000bf96b6ef0da%3AT%3D1683754394%3ART%3D1683754394%3AS%3DALNI_Mb6f5M4NgrqJgC4sUh-EQqLj4m8sg&prev_fmts=0x0&nras=1&correlator=559176557707&frm=20&pv=1&ga_vid=1129290202.1683754394&ga_sid=1683754395&ga_hid=2043408544&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1252&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C42532089%2C44773809%2C42532185%2C31071756%2C31074432%2C31074458%2C44788442%2C44790154&oid=2&pvsid=1338657298236137&tmod=344725728&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QZUvWx56pG&p=https%3A//arazu.io&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7904588434615810&output=html&h=600&slotname=3442238449&adk=4167361309&adf=1058229150&pi=t.ma~as.3442238449&w=196&fwrn=4&fwrnh=100&lmt=1683754394&rafmt=1&format=196x600&url=https%3A%2F%2Farazu.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683754394895&bpp=2&bdt=755&idt=2&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D84274cd854f0948f-227607e6c6dd00e5%3AT%3D1683754394%3ART%3D1683754394%3AS%3DALNI_MZiwCpjdQuMzGNNiqj9J8ue4SZu8w&gpic=UID%3D00000bf96b6ef0da%3AT%3D1683754394%3ART%3D1683754394%3AS%3DALNI_Mb6f5M4NgrqJgC4sUh-EQqLj4m8sg&prev_fmts=0x0&nras=1&correlator=559176557707&frm=20&pv=1&ga_vid=1129290202.1683754394&ga_sid=1683754395&ga_hid=2043408544&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1252&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C42532089%2C44773809%2C42532185%2C31071756%2C31074432%2C31074458%2C44788442%2C44790154&oid=2&pvsid=1338657298236137&tmod=344725728&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QZUvWx56pG&p=https%3A//arazu.io&dtd=7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 May 2023 21:33:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CD78 78 KB
27 KB 115ms
115ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 21:33:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 10 May 2023 21:33:15 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame CD78 2 KB
1 KB 219ms
54ms Script
application/javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=28473661&cmp=29823371&plc=366423291&sid=7758003&dvregion=0&unit=160x600
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7904588434615810&output=html&h=600&slotname=3442238449&adk=4167361309&adf=1058229150&pi=t.ma~as.3442238449&w=196&fwrn=4&fwrnh=100&lmt=1683754394&rafmt=1&format=196x600&url=https%3A%2F%2Farazu.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683754394895&bpp=2&bdt=755&idt=2&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D84274cd854f0948f-227607e6c6dd00e5%3AT%3D1683754394%3ART%3D1683754394%3AS%3DALNI_MZiwCpjdQuMzGNNiqj9J8ue4SZu8w&gpic=UID%3D00000bf96b6ef0da%3AT%3D1683754394%3ART%3D1683754394%3AS%3DALNI_Mb6f5M4NgrqJgC4sUh-EQqLj4m8sg&prev_fmts=0x0&nras=1&correlator=559176557707&frm=20&pv=1&ga_vid=1129290202.1683754394&ga_sid=1683754395&ga_hid=2043408544&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1252&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C42532089%2C44773809%2C42532185%2C31071756%2C31074432%2C31074458%2C44788442%2C44790154&oid=2&pvsid=1338657298236137&tmod=344725728&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QZUvWx56pG&p=https%3A//arazu.io&dtd=7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Wed, 10 May 2023 21:33:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 10:59:51 GMT
Server: Microsoft-IIS/10.0
ETag: "2d4a10aae224d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/ Frame CD78 3 KB
1 KB 87ms
23ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 16:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 May 2023 16:08:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/ Frame CD78 19 KB
8 KB 85ms
21ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 16:08:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 8677084837583379376
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 May 2023 16:08:24 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CD78 0
0 84ms
30ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQrNOs2liRRELA5Yp_Y9hH1480wl3lGX3Lk5qQ4K8I06Te-KUnvCROOI6NXfWIXUr2XeP8bA043lxqJTHfvaNXN7sroNw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7904588434615810&output=html&h=600&slotname=3442238449&adk=4167361309&adf=1058229150&pi=t.ma~as.3442238449&w=196&fwrn=4&fwrnh=100&lmt=1683754394&rafmt=1&format=196x600&url=https%3A%2F%2Farazu.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683754394895&bpp=2&bdt=755&idt=2&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D84274cd854f0948f-227607e6c6dd00e5%3AT%3D1683754394%3ART%3D1683754394%3AS%3DALNI_MZiwCpjdQuMzGNNiqj9J8ue4SZu8w&gpic=UID%3D00000bf96b6ef0da%3AT%3D1683754394%3ART%3D1683754394%3AS%3DALNI_Mb6f5M4NgrqJgC4sUh-EQqLj4m8sg&prev_fmts=0x0&nras=1&correlator=559176557707&frm=20&pv=1&ga_vid=1129290202.1683754394&ga_sid=1683754395&ga_hid=2043408544&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1252&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C42532089%2C44773809%2C42532185%2C31071756%2C31074432%2C31074458%2C44788442%2C44790154&oid=2&pvsid=1338657298236137&tmod=344725728&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QZUvWx56pG&p=https%3A//arazu.io&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CD78 169 KB
53 KB 95ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 21:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53510
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683545318771348"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 May 2023 21:33:15 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CD78 42 B
63 B 56ms
55ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B5AzvCW7atrlTImOaLFajXVqXogeFZo2yFxIyzokUEM2V6Q3ufjDFfcKvxkyGCkrefExo8d0R6pU-cWEVV0ro0m4oDMu3BE7SjN-HtaDrEuZKgqZU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 21:33:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CD78 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3794890116086139292&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 21:33:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4E18
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKlvkNw6jikMiL5ZMFMeTE0&google_cver=1

43 B
766 B

37ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKlvkNw6jikMiL5ZMFMeTE0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuZiLQEEMbr4LgEGJSO6-gBMAE&v=APEucNWA5Yi4zgUWsQ98g4Jb6Sbqu10Vs1ibkzYWJ-kCcqo2kxWcLmlQQxw00wt8kEJG1vMfGDRCLR8w9-vjOEv2lOyq-RtA1HO1KnUXsIroTHhmQhXyjvK5PKIpiIp_MGZyMQrbUW9Iax_BDqRiYH-Pws_Ju9JNtyYk8qAdABak6ZipavSLpdM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 May 2023 21:33:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 10 May 2023 21:33:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKlvkNw6jikMiL5ZMFMeTE0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4E18
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFwNnJSgZcTkHXcgMMEZ-gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKlvkNw6jikMiL5ZMFMeTE0&google_cver=1

43 B
766 B

23ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKlvkNw6jikMiL5ZMFMeTE0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuZiLQEEMbr4LgEGJSO6-gBMAE&v=APEucNWA5Yi4zgUWsQ98g4Jb6Sbqu10Vs1ibkzYWJ-kCcqo2kxWcLmlQQxw00wt8kEJG1vMfGDRCLR8w9-vjOEv2lOyq-RtA1HO1KnUXsIroTHhmQhXyjvK5PKIpiIp_MGZyMQrbUW9Iax_BDqRiYH-Pws_Ju9JNtyYk8qAdABak6ZipavSLpdM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 May 2023 21:33:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 10 May 2023 21:33:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKlvkNw6jikMiL5ZMFMeTE0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4E18
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECYFFeVPU0TpzX3YXaq57KY&google_cver=1

43 B
1 KB

25ms
23ms

Image
image/gif

37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECYFFeVPU0TpzX3YXaq57KY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuZiLQEEMbr4LgEGJSO6-gBMAE&v=APEucNWA5Yi4zgUWsQ98g4Jb6Sbqu10Vs1ibkzYWJ-kCcqo2kxWcLmlQQxw00wt8kEJG1vMfGDRCLR8w9-vjOEv2lOyq-RtA1HO1KnUXsIroTHhmQhXyjvK5PKIpiIp_MGZyMQrbUW9Iax_BDqRiYH-Pws_Ju9JNtyYk8qAdABak6ZipavSLpdM

Protocol

HTTP/1.1

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.2 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 May 2023 21:33:16 GMT
AN-X-Request-Uuid: 45ddfe38-21b6-47fa-b65b-482d0c85cf96
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 May 2023 21:33:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECYFFeVPU0TpzX3YXaq57KY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4E18
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc4MjA1NzM5OTgxMzE0ODIwMA%3D%3D

170 B
243 B

34ms
33ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc4MjA1NzM5OTgxMzE0ODIwMA%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 21:33:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 10 May 2023 21:33:16 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9abe5e9d-1a94-4642-8336-496580afd92f
Server: nginx/1.23.2
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODc4MjA1NzM5OTgxMzE0ODIwMA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CD78 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4977566260310&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 21:33:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CD78 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4977566260310&version=m202301230201&ct=76&x=1&cor=3794890116086139400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 21:33:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CD78 15 KB
11 KB 150ms
150ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CnDKZq_CqGFS2A97D234Ev0gEHSFHoNCzIFqBirR9tZGvHktyONY2FK6WMhfHjJtzZhtAP9MrQAUqAq6kNPohQ0FMkapKxcZa7bj2bOw6SWwwSjyHB7cgmp5L7TVGA5nAKupYc_UZGGeJp7HrG1PNWGMNxCjNKX9k4qMYwZLY-yCASjA8&cry=1&dbm_d=AKAmf-BHbr-xGw7TkV89oioNsbzm5oWOvZi_Jgo-Urln-TaVtpjk0YW4AYWRGzHFLuGcGBaAA7i650HKehvJyUgGLjlxkwI708yxwWc6lEgNuUhiCl2wSOH9AHirVOtTKzjbwLM4pNmLbj9aXSUyWyr9h07t3ASwuJbe1JEs_TluKLjcRmdX2uOdy7Bg4kW0GpOnChiJa4HzV2tBydgJQukO9wi498d1t-h11Vhgrd1Pn3qxGqpRN5iE3gHmn_DOlIHc2Se7svL6pXMU6l84Z4f9ar3dpUrvgQuQdpcgIF3kDRRpRYmCp8BNonxH2O2Wmer40iW2PhADsjuWbvKe9w3h2oObHU5XuRMCeEQHMkSmb47TDc9mQIxPiFIPUtHKDELsFpcqcnjUYUYWdnccWfVVGivqhAB0J-xgXWV5sHUpmwg3KVyI0yaTrkj3CFLxTaSgKkx7Ohqui9--IIRgEdzkXaMD-4KbV1ahHM5wuTSTSqDfDKGU72W1v31xcclS14uimQK0njrOfn25OrBuHeoagwHko0U4_hag1DX6ehN5G72undwgTir7IbgDf2DUEPadS9pzfrjU29E-GciUxVItvoRll4nKzBS5IVdP52zgBBnwz7ylhSilIgVOCjKqLMkCkySfruj5v078VTuIs3HM4Mn-K5TsWbgHf7sovGLbe_Pbe02IsxSV8qWfv0Eq06VJM9LGIp3nJUkynKr-xI_yyXSJRWcjlSht0R2vYOwqhwqWG04g0fTHJEAWVOz0MfXY5fWqxdqHQDItaUPgS95rhjwzdCyKP9VTAO65x-ujfMFE9DP7DVrNkgIsHMN-pT1gWiB42HXh0NWU99xT9Qhoz5X1Rn1-6lPM6_YJZPVbtLCWnxxffUa2JKUAumJzWoGuZVrHAE8cTMCllmIjFh8Ys8giTtFbj77dLipqBed0Zhxu40SR80X2Sy7Cfj6CSd0R3oKPQPWdCZVvxCODyNiAnHWcSHkJzD_WcA-lwfIVeGpXmuzowXuAyU_IRIgwvNkqiGXHE2itRWVzhnMP1iYjsV5Fz3GccNIxT7fBmiDDd2YObSrSVcr1RDheW4wyMlpcqIBsjxWgUOIQqxWkmkTLWYHjJD31odXYwlTwqZc_rsyyyZwoAyms5mx4EJbcdcSakjNVlNtAgvIe8fd7LPaB_89fX7KYbx327gUbUBgHImwREgvWR-eqjg9Yze3N9SBSkv-e-OStjF3qisZyItneSbRr5IB8J8uxH4-z4DtE2kytDULAGCF1-IQXcJoqS5qIRpcWbBsY9uK5p7LBVT6I4DYhxRwlCFU7qxCPFoZO1NFhWUphWO79zrh5pNOVt0EN6bVIoHVn9KmoDvC3cp04Uu5KBBfPCm0lA5T22kiAZb5GIwK98J1sodSzcBvWA74dvj5ycaDLUiV64u4K3KmR1zZVc3uDksTU2xuFfihJqGqd-PyBASzxbhG7Ik0OU6hyxQhHJuQ33--91v6iGW4q0XPrVFN8PKZWenk449b8NfrPMXO1ghZjGGExn2JFXWv8mjm_r13SgZ_f7dom-w-oOva39BUUmlTBOn0Jh_d2pIlE0LPKvwyP8vON2CAw6zErqD598Kisut1jFrAL4BUBgqKqbRWjEuI42M1SuGn0vIDhayHmdZJXIOrDdSgO4qA3y-G7KIbfQk5f8Mfk0LGqEtw8w-NkkKnRH2ZdMc3Rz6kQ8E7nx2QVlq2oN8-xigKmxjEU7Lca2lg-RIhAnwzdC3rJElF4lg84ZL_m7W65NY3klemeJTJlSP4AfguvOuJ8pHvgHH2EgdoEYDJjxrysmnN9qzkE4vB8hZcb7AvPb3npnzusFEiR6i7_KIZb_oc6EV1AzLHhSVGfZRkh2zg7NETFArmnRko3dJrQysBVyWNEaRy5cVQBfhqlrn5hlF6K8eP2MJKE0icBr9xJasXVSzIeqceqOpK9W97QRY5R0rk-5GfmdvNavg1oAsiEk-RHYLLjczvuMRhkq_e0d8XJe-Cg8suc56pTnPesnI9WGGv02_leK0LkPi-g0yFsYqeAJoLoPG2imqswz-SVa4s4OlmQzRYARRdH9z4WSprsodHWQP0W5xi48dYDQ89oboC5350nJcBYGoQTK3Lv0-rm1RumXKLAwPXwiXeXGEr7ggQ61de0Kj_9SUqYLnLVi0t9Inyw2kjjRcZTWSz2tfDrtybkAXt041r--IxQS5a9Ixots616bPajS_UTAMDOohNX5duNKwW3vy1R1tCAL6ieZhIV9xUca1TmZ6j5c4vsh9GP5kPLamHSjagvP65CsZpkZ370pCu4hgdHi9QT8b2qOK7lnOSy3AOez9fjTH4ZSJYEu0vKIy_fwPtz4HvsLTalweBdGukm0KKXqyKpq1IMHw1ZH1cC5w-irzG29xDhjRTpa9K7-e0IHgN-4PDziciBSzOVwrytXpN7kRdb5Q4AiTpolUfg4c-i9-LVzTKDLzx2yk6usms-HGT0axAHikBrbh9hCgskLcmlrMV-ErnCISr4zjjuOSBgAv_8bz5G888s_THtA4haw40SKhA7_jf2Iiq5XkaglSqwtky5VHdT3XvFe1fdcF-cijZ64Hhowd-x68gxltlfLqgb3XT7-qh3ILtllCF6gnKXMTzX0W3-SoD0TTcrkz1utpY2qNjX5yOWg_qGRkh8uMHTU2Ec0lKJsKDQUSjwjirn02zRBvotxfG5ZC6XYxxfkVi0snwedXETWuumr6TcI2FpGblE5c-_UZ7m2KF0K5AoOmhq4BQRba7m5u44cd7BSkNk0vMIQATmZ_gooD7m_ydGON8_Hcjyja6Rpo3y_X2A-FI-RluTzPXaed4Es1vGGjBbIY8w3zO2M1VJA9a-LNzhArgT8TT2z2FQfD-n&cid=CAQSPABygQiDc0Bn0g7tpeFjA8J5ZUi4iOSDF1aRx7JWHhDmnwLWEBuGpUyFif2g4Av2XWrej3AmR01jSqUzSBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Farazu.io%2F&ds=l&xdt=1&iif=1&cor=3794890116086139400&adk=2124396030&idt=123&cac=0&dtd=27

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

945cf8708483289ce642ede599a119fb57809279f24bf88d9fb73ed523bc9676

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7904588434615810&output=html&h=600&slotname=3442238449&adk=4167361309&adf=1058229150&pi=t.ma~as.3442238449&w=196&fwrn=4&fwrnh=100&lmt=1683754394&rafmt=1&format=196x600&url=https%3A%2F%2Farazu.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683754394895&bpp=2&bdt=755&idt=2&shv=r20230508&mjsv=m202305040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D84274cd854f0948f-227607e6c6dd00e5%3AT%3D1683754394%3ART%3D1683754394%3AS%3DALNI_MZiwCpjdQuMzGNNiqj9J8ue4SZu8w&gpic=UID%3D00000bf96b6ef0da%3AT%3D1683754394%3ART%3D1683754394%3AS%3DALNI_Mb6f5M4NgrqJgC4sUh-EQqLj4m8sg&prev_fmts=0x0&nras=1&correlator=559176557707&frm=20&pv=1&ga_vid=1129290202.1683754394&ga_sid=1683754395&ga_hid=2043408544&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1252&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C42532089%2C44773809%2C42532185%2C31071756%2C31074432%2C31074458%2C44788442%2C44790154&oid=2&pvsid=1338657298236137&tmod=344725728&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QZUvWx56pG&p=https%3A//arazu.io&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 21:33:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11350
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CD78 41 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CnDKZq_CqGFS2A97D234Ev0gEHSFHoNCzIFqBirR9tZGvHktyONY2FK6WMhfHjJtzZhtAP9MrQAUqAq6kNPohQ0FMkapKxcZa7bj2bOw6SWwwSjyHB7cgmp5L7TVGA5nAKupYc_UZGGeJp7HrG1PNWGMNxCjNKX9k4qMYwZLY-yCASjA8&cry=1&dbm_d=AKAmf-BHbr-xGw7TkV89oioNsbzm5oWOvZi_Jgo-Urln-TaVtpjk0YW4AYWRGzHFLuGcGBaAA7i650HKehvJyUgGLjlxkwI708yxwWc6lEgNuUhiCl2wSOH9AHirVOtTKzjbwLM4pNmLbj9aXSUyWyr9h07t3ASwuJbe1JEs_TluKLjcRmdX2uOdy7Bg4kW0GpOnChiJa4HzV2tBydgJQukO9wi498d1t-h11Vhgrd1Pn3qxGqpRN5iE3gHmn_DOlIHc2Se7svL6pXMU6l84Z4f9ar3dpUrvgQuQdpcgIF3kDRRpRYmCp8BNonxH2O2Wmer40iW2PhADsjuWbvKe9w3h2oObHU5XuRMCeEQHMkSmb47TDc9mQIxPiFIPUtHKDELsFpcqcnjUYUYWdnccWfVVGivqhAB0J-xgXWV5sHUpmwg3KVyI0yaTrkj3CFLxTaSgKkx7Ohqui9--IIRgEdzkXaMD-4KbV1ahHM5wuTSTSqDfDKGU72W1v31xcclS14uimQK0njrOfn25OrBuHeoagwHko0U4_hag1DX6ehN5G72undwgTir7IbgDf2DUEPadS9pzfrjU29E-GciUxVItvoRll4nKzBS5IVdP52zgBBnwz7ylhSilIgVOCjKqLMkCkySfruj5v078VTuIs3HM4Mn-K5TsWbgHf7sovGLbe_Pbe02IsxSV8qWfv0Eq06VJM9LGIp3nJUkynKr-xI_yyXSJRWcjlSht0R2vYOwqhwqWG04g0fTHJEAWVOz0MfXY5fWqxdqHQDItaUPgS95rhjwzdCyKP9VTAO65x-ujfMFE9DP7DVrNkgIsHMN-pT1gWiB42HXh0NWU99xT9Qhoz5X1Rn1-6lPM6_YJZPVbtLCWnxxffUa2JKUAumJzWoGuZVrHAE8cTMCllmIjFh8Ys8giTtFbj77dLipqBed0Zhxu40SR80X2Sy7Cfj6CSd0R3oKPQPWdCZVvxCODyNiAnHWcSHkJzD_WcA-lwfIVeGpXmuzowXuAyU_IRIgwvNkqiGXHE2itRWVzhnMP1iYjsV5Fz3GccNIxT7fBmiDDd2YObSrSVcr1RDheW4wyMlpcqIBsjxWgUOIQqxWkmkTLWYHjJD31odXYwlTwqZc_rsyyyZwoAyms5mx4EJbcdcSakjNVlNtAgvIe8fd7LPaB_89fX7KYbx327gUbUBgHImwREgvWR-eqjg9Yze3N9SBSkv-e-OStjF3qisZyItneSbRr5IB8J8uxH4-z4DtE2kytDULAGCF1-IQXcJoqS5qIRpcWbBsY9uK5p7LBVT6I4DYhxRwlCFU7qxCPFoZO1NFhWUphWO79zrh5pNOVt0EN6bVIoHVn9KmoDvC3cp04Uu5KBBfPCm0lA5T22kiAZb5GIwK98J1sodSzcBvWA74dvj5ycaDLUiV64u4K3KmR1zZVc3uDksTU2xuFfihJqGqd-PyBASzxbhG7Ik0OU6hyxQhHJuQ33--91v6iGW4q0XPrVFN8PKZWenk449b8NfrPMXO1ghZjGGExn2JFXWv8mjm_r13SgZ_f7dom-w-oOva39BUUmlTBOn0Jh_d2pIlE0LPKvwyP8vON2CAw6zErqD598Kisut1jFrAL4BUBgqKqbRWjEuI42M1SuGn0vIDhayHmdZJXIOrDdSgO4qA3y-G7KIbfQk5f8Mfk0LGqEtw8w-NkkKnRH2ZdMc3Rz6kQ8E7nx2QVlq2oN8-xigKmxjEU7Lca2lg-RIhAnwzdC3rJElF4lg84ZL_m7W65NY3klemeJTJlSP4AfguvOuJ8pHvgHH2EgdoEYDJjxrysmnN9qzkE4vB8hZcb7AvPb3npnzusFEiR6i7_KIZb_oc6EV1AzLHhSVGfZRkh2zg7NETFArmnRko3dJrQysBVyWNEaRy5cVQBfhqlrn5hlF6K8eP2MJKE0icBr9xJasXVSzIeqceqOpK9W97QRY5R0rk-5GfmdvNavg1oAsiEk-RHYLLjczvuMRhkq_e0d8XJe-Cg8suc56pTnPesnI9WGGv02_leK0LkPi-g0yFsYqeAJoLoPG2imqswz-SVa4s4OlmQzRYARRdH9z4WSprsodHWQP0W5xi48dYDQ89oboC5350nJcBYGoQTK3Lv0-rm1RumXKLAwPXwiXeXGEr7ggQ61de0Kj_9SUqYLnLVi0t9Inyw2kjjRcZTWSz2tfDrtybkAXt041r--IxQS5a9Ixots616bPajS_UTAMDOohNX5duNKwW3vy1R1tCAL6ieZhIV9xUca1TmZ6j5c4vsh9GP5kPLamHSjagvP65CsZpkZ370pCu4hgdHi9QT8b2qOK7lnOSy3AOez9fjTH4ZSJYEu0vKIy_fwPtz4HvsLTalweBdGukm0KKXqyKpq1IMHw1ZH1cC5w-irzG29xDhjRTpa9K7-e0IHgN-4PDziciBSzOVwrytXpN7kRdb5Q4AiTpolUfg4c-i9-LVzTKDLzx2yk6usms-HGT0axAHikBrbh9hCgskLcmlrMV-ErnCISr4zjjuOSBgAv_8bz5G888s_THtA4haw40SKhA7_jf2Iiq5XkaglSqwtky5VHdT3XvFe1fdcF-cijZ64Hhowd-x68gxltlfLqgb3XT7-qh3ILtllCF6gnKXMTzX0W3-SoD0TTcrkz1utpY2qNjX5yOWg_qGRkh8uMHTU2Ec0lKJsKDQUSjwjirn02zRBvotxfG5ZC6XYxxfkVi0snwedXETWuumr6TcI2FpGblE5c-_UZ7m2KF0K5AoOmhq4BQRba7m5u44cd7BSkNk0vMIQATmZ_gooD7m_ydGON8_Hcjyja6Rpo3y_X2A-FI-RluTzPXaed4Es1vGGjBbIY8w3zO2M1VJA9a-LNzhArgT8TT2z2FQfD-n&cid=CAQSPABygQiDc0Bn0g7tpeFjA8J5ZUi4iOSDF1aRx7JWHhDmnwLWEBuGpUyFif2g4Av2XWrej3AmR01jSqUzSBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Farazu.io%2F&ds=l&xdt=1&iif=1&cor=3794890116086139400&adk=2124396030&idt=123&cac=0&dtd=27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 04:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 May 2024 04:43:57 GMT

GET
H/1.1 200
OK dvbs_src_internal117.js Show response
cdn.doubleverify.com/ Frame CD78 57 KB
19 KB 60ms
60ms Script
application/javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=28473661&cmp=29823371&plc=366423291&sid=7758003&dvregion=0&unit=160x600
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Wed, 10 May 2023 21:33:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:00:18 GMT
Server: Microsoft-IIS/10.0
ETag: "0cda5b9e224d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18840

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0C37 22 KB
8 KB 21ms
21ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 60559
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 May 2023 04:43:57 GMT
expires: Thu, 09 May 2024 04:43:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C37 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/08cn5b8EVMSc5l6e1YWDk0jg24yFrQ2cZ845B_qPECM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 08 May 2023 23:41:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 165103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14732
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 May 2024 23:41:33 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame CD78 1 KB
928 B 308ms
44ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_480105883929&jsTagObjCallback=__tagObject_callback_480105883929&num=6&ctx=28473661&cmp=29823371&plc=366423291&sid=7758003&advid=&adsrv=&unit=160x600&isdvvid=&uid=480105883929&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=113&bridua=3&dup=null&chro=1&hist=2&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=3&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTau2C2KF%5D%3A%40TauU2%3F4r92%3A%3Fl9EEADTbpTauTau2C2KF%5D%3A%40Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&dvp_exetime=5.90&callbackName=__verify_callback_480105883929
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 71e3617eae50c0bdc1ab1f3978a87c83a164b6104942898575b1135df3d1cce8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 May 2023 21:33:16 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 05/09/2023 21:33:16

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C37 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7YbTnA1cZPj8Cpmh3wOAo4S4BgAAAAA4AeAEAg&bg=!ycqlyp7NAAYldGN0BXQ7ADkAdvg8WtGRC5K9-m7FMiHnCvlsvDYEsjqsympaGqfuATUtuRJqIyZE1-DkDr42BWss0zzEKe9nu-8CAAAAPVIAAAACaAEHCgAeQv5FF5W7xsJ1qp41WnIK0Rjf1xKrcPPBNt7l6xbHmQLozgkidC-LGcJQ6p4U6YUgfutN0DCs6Dh4-YY3Q6hP_zV7LV55MMBwjym0V7F9I8JNwS5fo5yqXQGQd4G66hUO8nTi_3160yNmdhzmU9ckLyhMcKazRHPxqA5KcrQebMqOWxpza7Lsrb9aecWnY7xL5q8BA7aMKhMi7vxHjDzKIZ7D3MDG2PYKb5doBQ07srwbWbXj4DUdYI2J2aONWLGOXGLsK8o8WDEaHKTOsDhozjuYbUFAP2HNjvjhVbe7aWPh6tPe9nLPicwojEl14p_beDq4G0RmSGx3hhCbOzzEXb9x-EG_aS5T6ItWklF-YdicoWUMvWkcFF9WI6zxhN262V2yLsChlVQEMDzBw_yX9Y5NVE8Mn-Xmc56ZW7-AT4DZmxiui_CwWo4tk0wnARFyPZBtYon6_Hk4GgySjDyRYPcYunU0Qd8ykuG4rR_lqNKcISfQ3DfzOIVZWWxy8QQtO3GBTHBOt9JhXIfp8Mt_tE6ovd5UEgHPDGKMgcdlioChdtqQor348Qxf4oR67FQHDgUTP6PbG5SmIml5M1MTJRqnN3_OCfretvzDWxoC-P7ys7Fir_vWKYuE7ZrKFbcFG3sugWmyQp4Pfl_zsZuin7xGmiA2OXpauBEhmmpthWCINsqGoZGFEuETrFwEzUneSdbNwPOmzt4CaRuknU81FhmtlnOvivXl_ovGmZo_PjSOLH4LYJabAf6onPtt4UHyyeGO1jtevAxzDlW0YeHQUDLRsU_rke5TCzNzhAmYS9T2WJWpaQCaM6El-37TyoTLqxuBKxUA-RwPTaHHkxoDh5ca2pIsUCMuib4JA7D4v4pfr_qzZzEJ2ZC9MbAk04rySGyJ92rtMlhGJl72mhb8iB5AnKifEDDmIvKnJNB1wl9XbC38xGgI44dgqVY4-DQ6bmhz7gVQHbiKYS6ETVqvx21VkrJ3GFBpRABRRzefDNLbDS6-l8NOQ1mYxI8wQxU_7cHyA37LU4Wm

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 21:33:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-ew1.doubleverify.com/ Frame CD78 0
234 B 78ms
30ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=22c93ea737aa418585746d1f9a783fe5&vfdur=308&cbust=1683754396609694
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Wed, 10 May 2023 21:33:16 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 05/09/2023 21:33:16

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame CD78 16 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 21:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6883
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 19:52:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 10 May 2023 22:10:56 GMT

GET
H2 200 impl_v95.js Show response
www.googletagservices.com/dcm/ Frame CD78 60 KB
23 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v95.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 17:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23368
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 18:47:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 May 2024 17:11:06 GMT

GET
H2 200 B9689862.280626343;dc_ver=95.280;sz=160x600;u_sd=1;dc_adk=2365659248;ord=c1z723;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Farazu.io%2F$0;xdt=1;crlt=c-n!q!*... Show response
ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/ Frame F422 55 KB
26 KB 129ms
59ms Document
text/html 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=95.280;sz=160x600;u_sd=1;dc_adk=2365659248;ord=c1z723;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Farazu.io%2F$0;xdt=1;crlt=c-n!q!*rHG;stc=1;chaa=1;sttr=38;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

357467438c9d5d890edcd8e32bdd8d6fbd2996ee17db57000819c43fc3beb8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 26550
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 May 2023 21:33:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 98FF 1 KB
643 B 22ms
21ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51270
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 May 2023 07:18:46 GMT
etag: 48472445140208031
expires: Thu, 11 May 2023 07:18:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 98FF
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENa641fK3iTq89cWjBrFqYg&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENa641fK3iTq89cWjBrFqYg&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OHB2Y0FzeWUxUFdScVk1&google_gid=CAESENa641fK3iTq89cWjBrFqYg&google_cver=1&google_push=ATf1kGNYzh__bt9zor9NcIQ-CzlQns29-TSHCrcTTfcJNpN...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OHB2Y0FzeWUxUFdScVk1&google_gid=CAESENa641fK3iTq89cWjBrFqYg&google_cver=1&google_push=ATf1kGNYzh__bt9zor9NcIQ-CzlQns29-TSHCrcTTfcJNpNwA3as3gCuqyb0Y7uhGKCRyjRBPU9Jp3iQWPU7BPbQnosQf_y9Eat5Obg

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 21:33:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 10 May 2023 21:33:16 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0a1a90ed6ac66fe36@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OHB2Y0FzeWUxUFdScVk1&google_gid=CAESENa641fK3iTq89cWjBrFqYg&google_cver=1&google_push=ATf1kGNYzh__bt9zor9NcIQ-CzlQns29-TSHCrcTTfcJNpNwA3as3gCuqyb0Y7uhGKCRyjRBPU9Jp3iQWPU7BPbQnosQf_y9Eat5Obg
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 98FF
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEG5KmIsJKrG1zIp0Ri_1BgI&google_cver=1&google_push=ATf1kGMi3kAf0AF7Lgny4OH1fhvpZWiH_QgB3pTM27kQETkVLpoq4KR9KkrX2Hg3IugdRr_sObxNC1D65hoQ_4...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMTY3MDA2NTMzNjY3ODU1Mw%3D%3D&google_push=ATf1kGMi3kAf0AF7Lgny4OH1fhvpZWiH_QgB3pTM27kQETkVLpoq4KR9KkrX2Hg3IugdRr_sObxNC1D65hoQ_4O_sM...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMTY3MDA2NTMzNjY3ODU1Mw%3D%3D&google_push=ATf1kGMi3kAf0AF7Lgny4OH1fhvpZWiH_QgB3pTM27kQETkVLpoq4KR9KkrX2Hg3IugdRr_sObxNC1D65hoQ_4O_sMpwAS53ix6waOM

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 21:33:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMTY3MDA2NTMzNjY3ODU1Mw%3D%3D&google_push=ATf1kGMi3kAf0AF7Lgny4OH1fhvpZWiH_QgB3pTM27kQETkVLpoq4KR9KkrX2Hg3IugdRr_sObxNC1D65hoQ_4O_sMpwAS53ix6waOM
Date: Wed, 10 May 2023 21:33:16 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 98FF
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDi95W7dK34aYhDNKk8-kWc&google_cver=1&google_push=ATf1kGMF57Ts0TjU_vzrXkiod1Oa3RAe6k4ywRDE7ha1n8KmladRdn5OQnOVHi1fabLm0ibPcHfCgS1VYLh9fLRmYO7bIWo...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMF57Ts0TjU_vzrXkiod1Oa3RAe6k4ywRDE7ha1n8KmladRdn5OQnOVHi1fabLm0ibPcHfCgS1VYLh9fLRmYO7bIWo4_yVU5kqn&google_hm=eS1rWXJKWkhKRTJwRW...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMF57Ts0TjU_vzrXkiod1Oa3RAe6k4ywRDE7ha1n8KmladRdn5OQnOVHi1fabLm0ibPcHfCgS1VYLh9fLRmYO7bIWo4_yVU5kqn&google_hm=eS1rWXJKWkhKRTJwRWV5cDlWalJOcmVVeU5UUXFBYmMxR35B

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 21:33:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 10 May 2023 21:33:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMF57Ts0TjU_vzrXkiod1Oa3RAe6k4ywRDE7ha1n8KmladRdn5OQnOVHi1fabLm0ibPcHfCgS1VYLh9fLRmYO7bIWo4_yVU5kqn&google_hm=eS1rWXJKWkhKRTJwRWV5cDlWalJOcmVVeU5UUXFBYmMxR35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 98FF
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEKY3-0uejzn2kT8DflSgOnI&google_cver=1&google_push=ATf1kGMUNGlXFkPFhIA5S9N6DgGTR7QSagK0HQ0AdZzzT5hRj2Khm4qS43kRArhEqISlyEMkYUhtPDySZ9igHRoW1J26GQG...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEKY3-0uejzn2kT8DflSgOnI&google_cver=1&google_push=ATf1kGMUNGlXFkPFhIA5S9N6DgGTR7QSagK0HQ0AdZzzT5hRj2Khm4qS43kRArhEqISlyEMkYUhtPDySZ9igHRoW1J26G...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMUNGlXFkPFhIA5S9N6DgGTR7QSagK0HQ0AdZzzT5hRj2Khm4qS43kRArhEqISlyEMkYUhtPDySZ9igHRoW1J26GQGAfzXFYUPt

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMUNGlXFkPFhIA5S9N6DgGTR7QSagK0HQ0AdZzzT5hRj2Khm4qS43kRArhEqISlyEMkYUhtPDySZ9igHRoW1J26GQGAfzXFYUPt

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 21:33:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGMUNGlXFkPFhIA5S9N6DgGTR7QSagK0HQ0AdZzzT5hRj2Khm4qS43kRArhEqISlyEMkYUhtPDySZ9igHRoW1J26GQGAfzXFYUPt
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 98FF
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB3IGHFA45svwmDa_tUEAc0&google_cver=1&google_push=ATf1kGNcaY--2HEPGn9SvgvPXHozaaCfWn6DHUuEsfD0pR3ECt5dmvomQU9_JqKWKc-HAynpOtlqT63y...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEB3IGHFA45svwmDa_tUEAc0&google_cver=1&google_push=ATf1kGNcaY--2HEPGn9SvgvPXHozaaCfWn6DHUuEsfD0pR3ECt5dmvomQU9_JqKWKc-HAynpOtl...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA0MzY2MDM1OTM0NDU4OTM5Nw&google_push=ATf1kGNcaY--2HEPGn9SvgvPXHozaaCfWn6DHUuEsfD0pR3ECt5dmvomQU9_JqKWKc-HAynpOtlqT6...

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA0MzY2MDM1OTM0NDU4OTM5Nw&google_push=ATf1kGNcaY--2HEPGn9SvgvPXHozaaCfWn6DHUuEsfD0pR3ECt5dmvomQU9_JqKWKc-HAynpOtlqT63y9PPs3Um0Qe8dORnsR6wMf_tV

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 21:33:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 May 2023 21:33:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA0MzY2MDM1OTM0NDU4OTM5Nw&google_push=ATf1kGNcaY--2HEPGn9SvgvPXHozaaCfWn6DHUuEsfD0pR3ECt5dmvomQU9_JqKWKc-HAynpOtlqT63y9PPs3Um0Qe8dORnsR6wMf_tV
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 98FF
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ycibrNLhRbi7vzfSLXYrSA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ycibrNLhRbi7vzfSLXYrSA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNi1TpOwfJseVcko_w6-WS31QNCwc_LLSJREDdjYmwp21yHbo9Gq5HMuRuUx_LY4CNZFkKUMCjueZkX0XISkUX8h6rYeqOQPB8

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 21:33:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ycibrNLhRbi7vzfSLXYrSA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNi1TpOwfJseVcko_w6-WS31QNCwc_LLSJREDdjYmwp21yHbo9Gq5HMuRuUx_LY4CNZFkKUMCjueZkX0XISkUX8h6rYeqOQPB8
date: Wed, 10 May 2023 21:33:16 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 98FF
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKFBxu4Qi8Dw06uyJUsaraw&google_cver=1&google_push=ATf1kGPGszm8w8v-sIUYi67i8Uz6jUFyZWe2WWCB4aogxPVjaC0ixQPi5m9aLhvIWXbxmygo26F...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhJN1c3RlktVS1HQk1C&google_push=ATf1kGPGszm8w8v-sIUYi67i8Uz6jUFyZWe2WWCB4aogxPVjaC0ixQPi5m9aLhvIWXbxmygo26FnI3mr5E-Fy_wmg3cfmHLB4knODnQB

170 B
188 B

36ms
36ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhJN1c3RlktVS1HQk1C&google_push=ATf1kGPGszm8w8v-sIUYi67i8Uz6jUFyZWe2WWCB4aogxPVjaC0ixQPi5m9aLhvIWXbxmygo26FnI3mr5E-Fy_wmg3cfmHLB4knODnQB

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 21:33:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhJN1c3RlktVS1HQk1C&google_push=ATf1kGPGszm8w8v-sIUYi67i8Uz6jUFyZWe2WWCB4aogxPVjaC0ixQPi5m9aLhvIWXbxmygo26FnI3mr5E-Fy_wmg3cfmHLB4knODnQB
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 98FF 0
12 B 31ms
31ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J6kKemFGyg9aBLKJ4IGFTB7C2-_DBmJ686dIQTJPHHCgv41f0XzLsG-fK5RTT2Fz_PMV_K

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 21:33:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 2457098971912548461
s0.2mdn.net/simgad/ Frame F422 173 KB
173 KB 88ms
23ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2457098971912548461

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1395.150740DOUBLEVERIFY/B9689862.280626343;dc_ver=95.280;sz=160x600;u_sd=1;dc_adk=2365659248;ord=c1z723;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Farazu.io%2F$0;xdt=1;crlt=c-n!q!*rHG;stc=1;chaa=1;sttr=38;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4149f252125510e2732a827f921d6f6c01cc13c51f65b78fb37ced3fd205dcae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 08 May 2023 13:24:30 GMT
x-content-type-options: nosniff
age: 202126
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176805
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 16:06:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 May 2024 13:24:30 GMT

GET
H3 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20230508/r20110914/xfa/ Frame F422 10 KB
4 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230508/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24f823b76d559f40b10d0fd1373ea500341a4db528842ea36821bc6fe80c1621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 18:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4272
x-xss-protection: 0
server: cafe
etag: 16687143975010171978
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 May 2023 18:58:41 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230508/r20110914/elements/html/ Frame F422 11 KB
4 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230508/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 07:18:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 May 2023 07:18:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F422 169 KB
52 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 21:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53510
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683545318771348"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 May 2023 21:33:16 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F422 0
0 132ms
59ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsulrVxZsT2bybG7QgEeB8HAz8buew9Q52A-8G1EurBXBBp06EmaTCEwh8-rB-fX4dkVAk8uqg8Wr0wsPwG0MHZTIN6MB7vR5C3UNSDGGDzA6nZTpB-LPvQMl0FePiJiAnQujFcwO0Ae7BPG9ppQ1_0-lg&sai=AMfl-YTjHAVEbQRL1UINiH1Er8iyBQEydwcMWi8kCxqvqrkBO3sCT4AutNHQq8pYBMAvjeiOPWcsMo_d6Op0quNGzDlBOf-AtpW6X0b40g&sig=Cg0ArKJSzPL8NbU_wPYjEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230508.83027&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 21:33:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 10 May 2023 21:33:16 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F422 41 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 04:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 May 2024 04:43:57 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F422 7 KB
6 KB 67ms
65ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230508/r20110914/xfa/sodar_loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb68559ab2b7ee40db64816d6ef27e4a6fa5d3cdad7287f7d11aec6f2d867284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 21:33:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5554
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 19BF 22 KB
8 KB 22ms
22ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 60559
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 May 2023 04:43:57 GMT
expires: Thu, 09 May 2024 04:43:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js Show response
pagead2.googlesyndication.com/bg/ Frame 19BF 38 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HFuUK9PmT_Lq_5RJk8JSvLsboBRSyXeRIfQWcOegxFw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c5b942bd3e64ff2eaff944993c252bcbb1ba01452c9779121f41670e7a0c45c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14734
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 May 2024 20:41:59 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F422 0
0 61ms
61ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsulrVxZsT2bybG7QgEeB8HAz8buew9Q52A-8G1EurBXBBp06EmaTCEwh8-rB-fX4dkVAk8uqg8Wr0wsPwG0MHZTIN6MB7vR5C3UNSDGGDzA6nZTpB-LPvQMl0FePiJiAnQujFcwO0Ae7BPG9ppQ1_0-lg&sai=AMfl-YTjHAVEbQRL1UINiH1Er8iyBQEydwcMWi8kCxqvqrkBO3sCT4AutNHQq8pYBMAvjeiOPWcsMo_d6Op0quNGzDlBOf-AtpW6X0b40g&sig=Cg0ArKJSzPL8NbU_wPYjEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=158&vt=11&dtpt=157&dett=2&cstd=0&cisv=r20230508.83027&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 21:33:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 10 May 2023 21:33:17 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F422 17 KB
6 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230508/r20110914/xfa/sodar_loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 21:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 May 2023 21:33:17 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 71ms
71ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230508&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e89d954740e810790cb61b562ce3a581db741f38705828a1e11f5046fd6c9f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arazu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 21:33:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11094
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 19BF 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1A0mnA1cZNyHL4rCgAfCiLWwDwAAAAA4AeAEAg&bg=!29il2IzNAAYV_mUANf47ADkAdvg8WsA8yGzy_86FpQf3Zv9KNdi0IwTwXf1filH0c6JoYBfTL89Fh-VlV-rS9CqbDnFZsYIgHo4CAAAARlIAAAACaAEHmQL8kwlDTca3U9G4bWCjeowIzz32OkcxOv0pG4YwnwTXfbvpzqMPYz2h0iq7rTp6HdxPqyOxoCE9P7Uh8jP-V0o5jPQrVQKWm7yyH0AzvYH2c2UbFfQuNQut9tkl5mvUsCr25giUuP0gbooZ8cRETZ7FJVlySAJ22I_nZQ2TXCZdDZYo1j8lfENRYbxNBcuMQjOT3r2kp2uZjK5Md8h8w7ecXth5WiTKZS4kFYmlH2PKVkZJJUs6-7I2qS5WtqTtvrgojNKyewPF8acVbFZxjBy7q9m0yHbwi_kENeZWL88QUOEC-fvUopP895spqN1sKyrSIZScZ7rSEW2o9MbNvH7LRfTS9PZRcyAZNv5rLeqPlgWKTciyUKaVptB4XWAVI8cuRZQc0U01-P-u9ql3OHaMAIs3gM7sFG9SBdAgahpWID60QkhCPnFSWoyD7FyB0a4a4DkeZ36OJz5lF_SU5LM3bYTuAVeRyE69hxp44fTghcHN8OfV0CTdt1B5E77-4-fVqtIwYRcJZukoo4rmT14ZFiuFgyN2cvxDsfG8uaX9jgzROJ7n2As9SKVvvhaHLdYhsmfFYGFH4njEv67FRplB9tm0pXBgITIT9MO44GYoSjBpo73zOjZACuBV4U4p_vOwCoPdAn3jTOcbJktLdEALbfujydDiSQguidpm3m_JWag9l3tReGc527qV16Tqc5FMSr4U5TqYx_iWcNRAhuEIONk_kFyS02f2qW0CEgKs7MAAt9DPTxMlba_dN7ISqZGeedQyJaNQiMQ0-yy5WmNl1YHVxQiSXUNdi4DjaHgg4jVEJUs5wQti1fE5FXcCAAa2lXl6VXosUD3sbVD5IUsQgZfyAsMqC8viNSJyq1B7nkD4SPU0uPYoP9FeFQ6I6JEz0mYmP7YTlCNmqFaVx2ZU75gz-6CPbre-LKq9iUvPmCtmDOvN1yoSvkmkVog2I0BWrSWy_xlFFxZUTZEt4jY_ak97SQUkhfEnGgITbhXaMGRTWXugnco8CJ2ocSo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 21:33:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C1E 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 16:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14581
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 May 2024 16:08:27 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arazu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 21:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 May 2023 21:33:17 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6BFE 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arazu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1968
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 May 2023 21:00:29 GMT
expires: Thu, 09 May 2024 21:00:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 79D2 783 B
998 B 33ms
33ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

33172d6703133b25c099e643b4eb126e26ac958a1233e0021202ec895c2c8d47

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aoO_jXAs_3os8B09YpTbcw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://arazu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-aoO_jXAs_3os8B09YpTbcw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 10 May 2023 21:33:17 GMT
expires: Wed, 10 May 2023 21:33:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 6BFE 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 16:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14581
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 May 2024 16:08:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 79D2 0
0 56ms
55ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230508&jk=1338657298236137&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6BFE 0
10 B 22ms
21ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZDBnvA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 21:33:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230508&jk=1338657298236137&bg=!mpmlmc3NAAYV_mUANf47ADkAdvg8Wjzdhi9INUQbaFQO8Ho1Qh-Rb1SO6Drm3H75H2mj-6BjFdtTLe5ptLDK_bohiH9G0iinFmoCAAAAW1IAAAAOaAEHmQKXg0WMKg4l6HZjVDtopxkpgkbVkkDESctKoN2H55TCWq3aZ9GuQG9h3Kz-Ykh96T9YzjLm_MDFSOjf9gcUDS5giiWwxPqW6eXufIGjY3zvXT9M14fS6itGzn77jQY83EM8UQAY1NJFaXJ4kzkoOslnWse3ww6z-SsIVIGfabzgvweoxUNNp8A51AJhsOAN2g_mFmQZ6oM-B4E09JqWZfFveFie8QiRL7An8Kv_VjGLqjXNYABHxyEg8TfwZG5NClLXS9t2AHCOzJBAAwcVwlI1rce5RTuntc70oVKRNJfYRR1Ldy_2gx9QVGS4-WWQ1G3uQiOk3gAc4VK-6UC_pg5Dcf1fXx6EwwAh4kQl328XK2TwKdkSi5MiGr17il3VNSmy7YPnKSu6ulcygbGY_meoqLOLtMdUhIQ9IFlZVxXN9I9BKKEP4Fd_XfWmM35PwwphSnN9vov5EIxTyXB7fYtBvfnqJKsKTQdhSd83y_MzFM9cvrJaTXKfSsdn-DOkgQAtIaITueQ-F6b7kGYEnIyMwT3a04Y-ARDyZ8aRCcQQyUCaWAyH9qAVl2MXR0havmpNw77_ZpjarQNHHBh4FYG-TMqCjb0y9zQs5ZHk1Nam9I5zEnfGLWlEzcUo7A0KBIc-sw_SQx1riQLXYopIMPOA9ITcvRqsGh-UUTY-2JsZot0skDxnZJwCOo_IEwG46oe94yqKX7J3jGmhngOU0VZfawMjgKu1kOjnqc5r0_y8AYEkzj3ii-wHKOQIShMW53XiWH8nDxb8ZDLzi3Pzz2h5YNF_Uvej5UcxLCTN-hzXQx9DY8L_aiI6IfI3173FoWQ83T9Q5a4Hv3l3-rJjH_CESPFRpdImiXE1JQjkI97WNPmNXWxPiGDm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arazu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CD78 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4977566260310&version=m202301230201&ct=76&x=1&cor=3794890116086139400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 May 2023 21:33:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: .webp
URL: https://.webp/

Domain: .webp
URL: https://.webp/

Domain: .webp
URL: https://.webp/

Domain: .webp
URL: https://.webp/

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.arazu.io/	1970-01-20 21:18:34	Name: _ga Value: GA1.1.1129290202.1683754394
.arazu.io/	1970-01-20 21:04:10	Name: __gads Value: ID=84274cd854f0948f-227607e6c6dd00e5:T=1683754394:RT=1683754394:S=ALNI_MZiwCpjdQuMzGNNiqj9J8ue4SZu8w
.arazu.io/	1970-01-20 21:04:10	Name: __gpi Value: UID=00000bf96b6ef0da:T=1683754394:RT=1683754394:S=ALNI_Mb6f5M4NgrqJgC4sUh-EQqLj4m8sg
.doubleclick.net/	1970-01-20 21:04:10	Name: IDE Value: AHWqTUktrHf_64FwHCPDztogfH6sbopn-V_P2STMfwRhmFyyRArD0oLtoaUFNd6JrJI
.arazu.io/	1970-01-20 21:18:34	Name: _ga_C50PTYCBF1 Value: GS1.1.1683754394.1.1.1683754395.59.0.0
.adnxs.com/	1970-01-20 13:52:10	Name: uuid2 Value: 8782057399813148200
.casalemedia.com/	1970-01-20 20:28:10	Name: CMID Value: ZFwNnJSgZcTkHXcgMMEZ-gAA
.casalemedia.com/	1970-01-20 13:52:10	Name: CMPS Value: 5221
.casalemedia.com/	1970-01-20 13:52:10	Name: CMPRO Value: 5221
.adnxs.com/	1970-01-20 13:52:10	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTulSq:e!]tbPl1M>e)ZlrFUfJ+tGXxoaYrpW)ACwkR<6u:2IJdMLXwKWLYvnQV-z?.U3If)y3KL9D3I?+E:n!9N
.adfarm1.adition.com/	1970-01-20 13:52:10	Name: UserID1 Value: 7231670065336678553
.w55c.net/	1970-01-20 21:14:15	Name: wfivefivec Value: 8pvcAsye1PWRqY5
.w55c.net/	1970-01-20 12:25:46	Name: matchgoogle Value: 5
.pubmatic.com/	1970-01-20 11:44:00	Name: KTPCACOOKIE Value: YES
.de17a.com/	1970-01-20 20:20:58	Name: guid Value: 1.2016794787937568642
.adform.net/	1970-01-20 12:27:12	Name: C Value: 1
.pubmatic.com/	1970-01-20 20:28:10	Name: KADUSERCOOKIE Value: C9C89BAC-D2E1-45B8-BBBF-37D22D762B48
.yahoo.com/	1970-01-20 20:28:31	Name: A3 Value: d=AQABBJwNXGQCEDux_8j9ylJ-IBN1jFjMsQsFEgEBAQFfXWRlZAAAAAAA_eMAAA&S=AQAAAokHgjAjbIPVhJLlblEfc_s
.adform.net/	1970-01-20 13:08:58	Name: uid Value: 3043660359344589397

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://.webp/ Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://.webp/ Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://.webp/ Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://.webp/ Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 109) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

.webp
ad.doubleclick.net
adservice.google.com
adservice.google.de
arazu.io
c1.adform.net
cdn.doubleverify.com
cdn.jsdelivr.net
cm.g.doubleclick.net
d5p.de17a.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
region1.analytics.google.com
rtb0.doubleverify.com
rtbc-ew1.doubleverify.com
s0.2mdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
.webp
130.211.44.5
142.250.181.226
142.250.181.230
142.250.186.98
185.64.190.78
185.80.39.216
2001:4860:4802:32::36
213.155.156.165
2400:52e0:1e00::1078:1
2a00:1450:4001:801::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::2006
2a00:1450:400c:c0c::9c
2a02:26f0:6c00::210:ba29
2a04:4e42:400::485
2a05:d018:d29:3601:1a95:7ea:ebf7:b0a7
3.125.249.165
37.157.6.233
37.252.171.84
69.173.144.139
85.114.159.93
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1c5b942bd3e64ff2eaff944993c252bcbb1ba01452c9779121f41670e7a0c45c
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a
24beec90360fbc4dcca39789546b5449e0834fffef9e21a76f0040d2326ca8ad
24f823b76d559f40b10d0fd1373ea500341a4db528842ea36821bc6fe80c1621
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33172d6703133b25c099e643b4eb126e26ac958a1233e0021202ec895c2c8d47
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
357467438c9d5d890edcd8e32bdd8d6fbd2996ee17db57000819c43fc3beb8d2
3e89d954740e810790cb61b562ce3a581db741f38705828a1e11f5046fd6c9f6
4149f252125510e2732a827f921d6f6c01cc13c51f65b78fb37ced3fd205dcae
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5459f61e54c1830a3c4630eed00bb675b2c0a975849dbb4920e705ba6f253172
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
71e3617eae50c0bdc1ab1f3978a87c83a164b6104942898575b1135df3d1cce8
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811
945cf8708483289ce642ede599a119fb57809279f24bf88d9fb73ed523bc9676
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8114aeda00ce280c3d10e65e7aceca437eccbe6cf6bd301d9980e1fb9c795cf
b8e61af9dd2919bdbbdb8b5ab37c6b07992d91e6b66099c4ac801b30f53d2216
bb68559ab2b7ee40db64816d6ef27e4a6fa5d3cdad7287f7d11aec6f2d867284
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c
c93325f0a1eb4bf5e2058a7c78ea709ce5e15bb0b14e9323616d332839e5e7c2
d3c727e5bf0454c49ce65e9ed585839348e0db8c85ad0d9c67ce3907fa8f1023
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d8c89b0459ec4d6069037002ff5d824395ff37dbf866bc4298fce22d336b182a
de888581f50300c283ac747272e2765bcd8d0f5fd92b2d149c3c939228d71a71
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

arazu.io Open in urlscan Pro 2400:52e0:1e00::1078:1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

81 %HTTPS

59 %IPv6

21 Domains

31 Subdomains

23 IPs

8 Countries

856 kBTransfer

2150 kBSize

19 Cookies

0 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

arazu.io Open in urlscan Pro
2400:52e0:1e00::1078:1 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

81 %
HTTPS

59 %
IPv6

21
Domains

31
Subdomains

23
IPs

8
Countries

856 kB
Transfer

2150 kB
Size

19
Cookies

77 HTTP transactions
7 data transactions