www.outlookiniciarsesion.com Open in urlscan Pro
2a00:1450:4001:827::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.outlookiniciarsesion.com/
Effective URL:
https://www.outlookiniciarsesion.com/
Submission: On October 19 via api (October 19th 2022, 6:08:01 pm UTC) from AR — Scanned from DE

Summary HTTP 182 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 28 IPs in 3 countries across 19 domains to perform 182 HTTP transactions. The main IP is 2a00:1450:4001:827::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.outlookiniciarsesion.com.
TLS certificate: Issued by GTS CA 1D4 on September 20th 2022. Valid for: 3 months.

This is the only time www.outlookiniciarsesion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2a00:1450:400... 2a00:1450:4001:827::2013	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2009	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::ac43:c78f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	200.58.122.108 200.58.122.108	27823 (Dattatec.com) (Dattatec.com)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
8	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3 49	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	173.194.76.154 173.194.76.154	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:18::9	15169 (GOOGLE) (GOOGLE)
182	28

3 2a00:1450:4001:827::2013 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.outlookiniciarsesion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
draft.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:c78f (United States)

ASN13335 (CLOUDFLARENET, US)

suitcom.com.ar	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 200.58.122.108 (Rosario, Argentina)

ASN27823 (Dattatec.com, AR)
PTR: mkt.ferozo.com

app.envialosimple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:18::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5edndl.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	googlesyndication.com 3 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	975 KB
27	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 static.doubleclick.net — Cisco Umbrella Rank: 323 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317 bid.g.doubleclick.net — Cisco Umbrella Rank: 444	583 KB
19	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	245 KB
14	blogspot.com 4.bp.blogspot.com — Cisco Umbrella Rank: 12201 3.bp.blogspot.com — Cisco Umbrella Rank: 12207 1.bp.blogspot.com — Cisco Umbrella Rank: 9487 2.bp.blogspot.com — Cisco Umbrella Rank: 12420	94 KB
11	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	2 KB
10	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 306 fonts.googleapis.com — Cisco Umbrella Rank: 44 imasdk.googleapis.com — Cisco Umbrella Rank: 435	163 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	325 KB
4	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 273 gcdn.2mdn.net — Cisco Umbrella Rank: 933 r4---sn-4g5edndl.c.2mdn.net — Cisco Umbrella Rank: 404810	39 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 8724	1 KB
4	blogger.com www.blogger.com — Cisco Umbrella Rank: 8726 draft.blogger.com — Cisco Umbrella Rank: 68925	64 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 720	33 KB
3	outlookiniciarsesion.com 1 redirects www.outlookiniciarsesion.com	22 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 278	17 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	203 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	111 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	339 B
1	envialosimple.com app.envialosimple.com	2 KB
1	suitcom.com.ar suitcom.com.ar	8 KB
1	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 16119	300 B
182	19

	Domain	Requested by
49	tpc.googlesyndication.com	3 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com www.outlookiniciarsesion.com imasdk.googleapis.com
23	pagead2.googlesyndication.com	www.outlookiniciarsesion.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
20	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.outlookiniciarsesion.com
9	www.gstatic.com	googleads.g.doubleclick.net
8	fonts.gstatic.com	www.outlookiniciarsesion.com fonts.googleapis.com
7	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net www.outlookiniciarsesion.com
7	www.googletagservices.com	googleads.g.doubleclick.net www.outlookiniciarsesion.com
7	fonts.googleapis.com	googleads.g.doubleclick.net
4	static.doubleclick.net	googleads.g.doubleclick.net
4	adservice.google.com	pagead2.googlesyndication.com
4	adservice.google.de	pagead2.googlesyndication.com
4	1.bp.blogspot.com	www.outlookiniciarsesion.com
4	3.bp.blogspot.com	www.outlookiniciarsesion.com
3	2.bp.blogspot.com	www.outlookiniciarsesion.com
3	4.bp.blogspot.com	www.outlookiniciarsesion.com
3	maxcdn.bootstrapcdn.com	www.outlookiniciarsesion.com
3	www.outlookiniciarsesion.com	1 redirects www.outlookiniciarsesion.com
2	r4---sn-4g5edndl.c.2mdn.net	googleads.g.doubleclick.net
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	ssl.google-analytics.com	www.outlookiniciarsesion.com
2	www.facebook.com	www.outlookiniciarsesion.com
2	connect.facebook.net	www.outlookiniciarsesion.com connect.facebook.net
2	draft.blogger.com	www.outlookiniciarsesion.com
2	www.blogger.com	www.outlookiniciarsesion.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	s0.2mdn.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	app.envialosimple.com	www.outlookiniciarsesion.com
1	suitcom.com.ar	www.outlookiniciarsesion.com
1	resources.blogblog.com	www.outlookiniciarsesion.com
1	ajax.googleapis.com	www.outlookiniciarsesion.com
182	34

This site contains links to these domains. Also see Links.

Domain
draft.blogger.com
www.outlook.com
www.skype.com
onedrive.live.com
www.blogger.com

Subject Issuer	Validity	Valid
www.outlookiniciarsesion.com GTS CA 1D4	`2022-09-20` - `2022-12-19`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
envialosimple.com R3	`2022-09-06` - `2022-12-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-29` - `2022-10-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-09-27` - `2022-12-06`	2 months	crt.sh

This page contains 27 frames:

Primary Page: https://www.outlookiniciarsesion.com/
Frame ID: 523693D2D5B252958D307AB300F9BD79
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20190131/zrt_lookup.html
Frame ID: C9CC43C262FDD608E204319D29E53844
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&slotname=3752156729&adk=4188284142&adf=2401029384&pi=t.ma~as.3752156729&w=773&fwrn=4&fwrnh=100&lmt=1660715091&rafmt=1&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202875101&bpp=6&bdt=253&idt=398&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&correlator=368080079795&frm=20&pv=2&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEe%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=1&uci=a!1&fsb=1&xpc=JbxGQbxWKH&p=https%3A//www.outlookiniciarsesion.com&dtd=417
Frame ID: B10167C03A9CDE783E522D82A730A8B6
Requests: 14 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0C4500FF2EF5E23468ECC66E215FEFAA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A8F3633E0544AF6F6EFE8C7D7C7FED08
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
Frame ID: E2206751AA50E45EE5C5D9FD243B904D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&adk=1812271804&adf=3025194257&lmt=1660715091&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202876679&bpp=1&bdt=1831&idt=1&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280&nras=1&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=2&uci=a!2&fsb=1&dtd=10
Frame ID: 146A7C285AB50D69A09E2DFF15D7126E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=38176498&adf=1197452612&pi=t.aa~a.3700839215~i.12~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=2&bdt=2672&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0&nras=2&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=1242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=I8f7henPER&p=https%3A//www.outlookiniciarsesion.com&dtd=23
Frame ID: 351B7189FDE81A39D5C5DADCC6BD5302
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=38176498&adf=1717540976&pi=t.aa~a.3700839215~i.14~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280&nras=3&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=TGMgukUZnk&p=https%3A//www.outlookiniciarsesion.com&dtd=30
Frame ID: D45CFC31D5725E73987112C18F1AC217
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=105830804&adf=3644517540&pi=t.aa~a.186218032~i.21~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2672&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280&nras=4&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=3113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4ZFsQctMwt&p=https%3A//www.outlookiniciarsesion.com&dtd=36
Frame ID: 81650DFD32FCB41CDA3376C4BA52A9BB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=105830804&adf=4115044958&pi=t.aa~a.186218032~i.23~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280%2C773x280&nras=5&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=3443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=3SNLxLB89F&p=https%3A//www.outlookiniciarsesion.com&dtd=41
Frame ID: D262B5A846A660793B40E33BA80AD3D1
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=100&adk=1273620997&adf=2122703699&pi=t.aa~a.2379756499~rp.4&w=384&fwrn=4&fwrnh=100&lmt=1660715091&rafmt=1&to=qs&pwprc=7632397828&format=384x100&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=1&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280%2C773x280%2C773x280&nras=6&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=MstTPFtiNI&p=https%3A//www.outlookiniciarsesion.com&dtd=46
Frame ID: E662D61E235108B4ACCE0F30E27F408B
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1AB849B80446735FF6787F05FB5557AC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3BD2CD450F137A7308F72007298343D2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6CDC5436050617305E6AEE6C3A5C82EA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1
Frame ID: DC10B57E9D406FB8A6C4F2325E9AE0B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPnsBxCgu8sBGK7-sdABMAE&v=APEucNUV-4aUxgmsb8-fK8Sf0WZYj3DL8kAksrgBSiUJUymupZpEtP4DYg7KBPP-c8h7UzcBYbVrhES6mO059iTCMepXEkNdrg
Frame ID: 10E4009899C1ADE4A629659EEA34B68E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DPCHFy23lVrFxbi21UbAOHlFRXEADX-1TuikdxZhhFVkWjjat3dGA3FfC7TWwUuRomNT3Ox9huuAQUPnJcWtaj-gS2pw&cry=1&dbm_d=AKAmf-CBlxXSlaQU4V8nWbUNuxjlutichcI5hV2QZTDijdYIF3uIZ53zF0HT9vgShYSVMzg6_y45mzH9Hr5Z77MxK5eFrY2toyIHVVZzeDjw6WaSXkrbOGK_6x16YygiHzYaSmI5wb4upTIGj0SQe2N4hTDdUoLIyvA1K6ZV9UZ540Y76tEZtxqWhsXJsp3fwQPFfGm2OMnY0M-eTzgYbpQiY_SRXals_5y7DmPGDZeftj6bzu-M6ikIGSUMTd8uGgwCOiW6wAFoOjSNNSaXlk7rATvc-qWlGX1IuqnXQkSG6oQalQdXJIv3tPbhoAeGYfPF_63DzuZluAYrJa5fTj-Ti7Kk17ITVrnzDEfiUbqqol_6Ll36h8vr_Dqyiem7e3Vc7Oos4imqhKvK9aWbaYLJZeV3qoZhQeTi1C3gubTw2V5edKH4w_Cqm0pqZqnzD7gpjs-s2s-EUO9mISmPZMR1wWtq-tbfo0UDJQ8BIK0F2WOy66AfkySpKqKX0uU-PBWqgAxyHk7iqlyShXUw5BYbHjur1sbeMSenOLrbd7dwoJqkEJV3BcBeUygR6JURSfeAUFZt4RJvxh2CZ3S4o5d4TZa6wQ-OBj375rAHTki4Ov--iRQj9Rw-ipWNbNk3Lh0YQdedzHAiKP-50UPL71LDVX2NZQ-lI-D7ivlAKxPQfvd3ajzg-dK7fEZd-G7Af1vB0Z0Adh2iKPFtpl70teJo1oXA5_3DPVDEmr1xJ3ZD0Qsx7ffYv4xCP2KPqV8AT2erB-0HEHY_khToal4fVKXREoArtyXZ5A_6UZ8Fp0cLBJWnVjjCVv9HhCT_DvOwUgA9riwnm9boWgCe7FpNkYBDDOWRIj4KSlBvoONqaxxIFSptcaojnQ1oEfvqu1YNtovNFSxaOm2a6j3c8hMyd7_pYVfctLbTXSjpXgsuvpyVlAq4WvL0YJQM6EXShDoYh6ZtSsYx2HdsCWcSqYJjnYmEhmhpF-8HMG3ihiqMgdzt9uVXaIBWDcJPuEVe4gjTYxTlTg2Q3s8E3RCRVyaq8AxGu6KZmTfAy_I1SDeWy9Jz8jgloBktVOZXQsTGTHJ6DbxKZh5EEGwePRmG4YKyEpWvpwJcr4Gc5GmKuxvZ9Lc5AvIshvkHeOLw6L2oBIHE-1Duh9m1mG_GXB-14shhBHZNinFOqYIDYkp9FFMOMmwb8l6TGoSARZB5YlFDQzKsvwntenE0w_dFevVEtbHAOR_w8pU8aXVDzvu_PEL_nrhEXLRXCzSSUx130i2LWLnSvDS00XXgrauhiuhTB4Gsun8SSIBjukGUAAWDtgRKkjUTD8Cw1SJ7k5yDDffFeUBDbo2UnIrfJz7uGtctrSuPWnd7CKtbvcUP1KH1ISA8l2rpVNLdtJFt43tzvD_wpRpd8JOm429lwASuI6Pfiz6NtBUO3slPsmxSInkh3YIEnCiuf1md2fafZKnZso-UgvGpiP5hzA5y0Llxyv5N2JtmJDq3EsicuruidNSxs3o2YJCG3M81cSsuB01tcl8aOW76zu68UffTAkGqKn7nSjy_WDzhmxG3wcwSe5njjWjDAdHIVXtUfnMpOFDjWk1I2MAsk3qEdtivVXVWC71D-Y7mbJ6Cv8pzLpqXJTsK4_agN62ZgrXUMeIB6oNj-ITGrsgCc2Uib1AzU4f68ehQ_Qu3b8UZ6Hk1Vwq-85FH4OoS4ReUcMPXQcQ4XT2VtMXSDWNP2IHV0MM8hQfkPNDeYPmPTiqRwCcumJbY9Oqp3ne28oj-hBCcnzBGCPrB-wFrcIu3BC6OYTd-yVqjLDAWJcJktfowu2whu_fOHt4_vw2egiT84QD1ySoxfFLB7jDlZvbFDXDbdcF0_sJoz53W71BSkmgFyAWitL4xfaZfBqy5jTHXSM2vLSARiyd9qLO0D_LXSUlMACRha1gJJXnR8xT2l1SCR0WUvfgqxc7JmKZA54MWN8FPHTLejG3LfcqFh29rnoznk6mqtNuMfoGioEPpVQmkYMYMVdgH-ijTdITBCL-08qnTrPNFnEba2XJdgmjCsnH8AGC3ewxPSG2wjqjs1jFWOD9OKtg0uJi1NnVEtGLQJgRrODUgyF8jabjn3ucepIajYe0UmdDQRcm8H6kdfJlPCDAl0P-m4EOjk2OxmCO6Zrouk7Iyq3Wnk5-Yd5M-eW_WNmhwJwZESCUtFM2lHtjSB3jZ80eioh6pcAdxYJLmOwOEHFEpBU2_tCbyYoNVZ1E9CW_dC-ecm0-UifZOH37jUMVUtCUeD2D7xweavoRK-DRIqm1qOhRxPjMSboP4LdUokPmoU1j9WTpeMbFx7sJeeDWpuXLtUnjg4jvm9O44_ZBQ8nFrxVnogITkM1Ejy9sC7mlG0sakjmKJ82t6ylEadSBb-qMY1SWT5c5aEDUtc25toBf8SklClXE98exM__GAwYol3_ILdsTf0IX1jn4JgGBSh3tnkNRRrMjxEXCOVCDbiOaAqm2FFhoJlrsvTEDt6br8Tyrq3AVHNBrS5bOy--GWiesNo7KdLCLxxymG-ToXICVBVPuavu8R_3ebkvML_xSSBvr_2WFvb_88tkqUCn-Kt_IJNY6br9U7oDXtxloSGqgoeDgVVJE3QD1EgLBYC0wnLx_RcBLfngWJTq9XVRbQzQx82qy2vZXesH9ETjhP2uyykkYUbxhpAXeBRBQn-ytfasfbzgCsm88VZjm8aYxpEFFFdPnrUeNzQwtyllAxEeM0HDKk0-ydNPfFfV0MiFCArgp4pPjhJG73lDjIXBT6LQ-UpIB9l7czxDm-pUTeygL_TzSyR-aXUxodIs7YQv-VAEhQxgrq-52lJ8YCfOrrYDu8VZKgcWnpfpwZkJuC7IAQojuH6P26_NuXN4Krv-OiGkwu7tU7ojkwQq6eGjSGhPrlqy3i91xsGIqEDYdA0TSIHSNH8cxBQrgJP0BJNaOckNv4tEupzzIKAZkKI2Dbq5QGZPms_k3S_U7HOj4s-7au6EZYvP16kXF65InXpS5gn4JJY7-8DsmeSHofCuYw3uc1W4NgDaQmf7NYvfQ1J0wucUg3ipf4icHm4ilSaFU2SwyTSJQnTD3PIcsOGeMkLktOli_Fzl-KjNqRB8Nbwejsx3o-gqdgzaTB-dN-0rL10K8VagU-r1PRfbgcEG6E1IuH0P7fkA8LBu3gstbcdWQY7ltS0grrvUeffLRn06T2X7tj_tG33wwau6bP_2Wn8hecLXScV-MXp2BJZSFlD-8GHvjvKOAmnYRFR7E3iPFAEQbNtLsY4KmY3NgZ2KIW3oDGo2VksK-4EuyFyYdMJQrHBac1u83wjrt6J7JPYCLUarfuiJI7IswnB0JK1IudnXmGbgUW7PMrgckCLLjw1dLt1zcw-6TmTtjk--yCrV2bbWriOGI0oFvCHgDjpxB9dwwQONWdNJ6C4ScFstzjLlJrOMEJpoxRvgVeXrHf91PNwDM0rOGmZBgZr0r4MUmd81DttYT-r3bRhUOZ-XMFiBws54sBGFJkYSYWCcCaR_vHvAa8&cid=CAQSOwDq26N97yWfv2lRQZ0IW2n45zR-lb8EL7pJmUHyR1hhMYALYUFDMVUgPVrDmOsKg4Zrs5LR7MO4BwgRGAEgDg&rfl=2%2Chttps%253A%252F%252Fwww.outlookiniciarsesion.com%252F%240
Frame ID: D1A085BFEB5B632C2865D8FBB0A4FDF9
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: F0B3DC0FEF7E1B70554E7368EB3E5429
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
Frame ID: 19AC2E598E12E58E55389BA83C62042B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C873AD775C0E88A65C3ABAEE5DEF1A97
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
Frame ID: F17E3546EF6E3E4FD4DC6EFA4E38525E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/index.html
Frame ID: 670B992AC43FC1C04740DD04936F5F0B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C6EuP_TxQY9WkJ-KG7gKX-KWAC9OpsKJs3Ob0wLkQ9qDjhIwOEAEg84r2A2CV4pCCoAegAbebzr4DyAEJqQJRkiwkv3iwPqgDAcgDSKoEgQJP0OPbErzCWR0MDL8IajUA9EO3wpr0fvhaf9NuA-VlqfXQEreUMUHTEycKlBMAz1Iki8GM_wHW1mz-HAC3-uFIlbTufpV-E2s3cyzV9TrDfaAytnUksZic9ey1lcfGGVLnkWv1ksChJimCbmLkeefLEFv5BeMBAj-ddfNkjGffJY0UHNjLAV_xxTkwtv6ufY-KNcluvOxwj0GOxJzeBrT37_GODp36NXRi8Kf5zdcgeP7ZD9pLmvth0PVG_wBBhh8enJzD8HTX9YKyUhsh8NcyHu1qGf5ME7YuV8JoapED72dIHnStEkPrMA_npVgZi8s1DVCItGJajx6jcj_Y5F_dDcAEzIDPi68DkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7HksUGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC_6QHSCBEIgOGAcBABGB8yAusCOgKAQIAKAcgLAaIMCCoGCgTPp7EC2BMM0BUBmBYBgBcBshccChoIABIUcHViLTIyNjQzNTE5MDYxNDA1NzgYAA&sigh=Vkzs30zIoDk&uach_m=[UACH]&cid=CAQSOwDq26N93QqFKpHnLPFUG8nCVsiOMwvhQ-uCOKZwVVPiu3GtOXUh-sF4_8kVYIDoZIwwfDUm_sUsdsHYGAEgDg&template_id=419
Frame ID: 1B4163F18EBDB571FBB60F204EBE1E31
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
Frame ID: D7047546F62CF356C8DF020E25C352A1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 98AF4B1D2D6EA453941BE5BEFC9F0FFF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js
Frame ID: 73ED44BFA2824CCD6F5CCE82A22F92F4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Outlook Iniciar Sesion - Hotmail Correo

Page URL History Show full URLs

http://www.outlookiniciarsesion.com/ HTTP 301
https://www.outlookiniciarsesion.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

182
Requests

98 %
HTTPS

89 %
IPv6

19
Domains

34
Subdomains

28
IPs

3
Countries

2684 kB
Transfer

6445 kB
Size

10
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://draft.blogger.com/post-edit.g?blogID=2813910211221482690&postID=2630991431380390058&from=pencil

Search URL Search Domain Scan URL

URL: https://www.outlook.com/?mkt=es-us

Search URL Search Domain Scan URL

URL: https://www.outlook.com/
Title: www.outlook.com

Search URL Search Domain Scan URL

URL: https://www.skype.com/
Title: Skype

Search URL Search Domain Scan URL

URL: https://onedrive.live.com/
Title: Onedrive

Search URL Search Domain Scan URL

URL: https://draft.blogger.com/post-edit.g?blogID=2813910211221482690&postID=1751238841286704025&from=pencil

Search URL Search Domain Scan URL

URL: https://draft.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.outlookiniciarsesion.com/ HTTP 301
https://www.outlookiniciarsesion.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 95

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 100

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 149

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 177

https://gcdn.2mdn.net/videoplayback/id/fe261be97a163411/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810453843/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/5195F1756C96AFA16DA4D43080E012A06E90E208.2CAFC2B0AA260B8802FC5E5A62C7172932EEE431/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-4g5edndl.c.2mdn.net/videoplayback/id/fe261be97a163411/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810453843/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0D5D7B9C0C0ECF3082186F3102CF1D0B71B866A7.0B5B1909771D2FC63CE759644C7BEDF399BB041A/key/cms1/cms_redirect/yes/mh/jh/mip/2001:ac8:20:301::201e/mm/42/mn/sn-4g5edndl/ms/onc/mt/1666202456/mv/m/mvi/4/pl/49/file/file.mp4

182 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.outlookiniciarsesion.com/
Redirect Chain

http://www.outlookiniciarsesion.com/
https://www.outlookiniciarsesion.com/

96 KB
19 KB

244ms
200ms

Document
text/html

2a00:1450:4001:827::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ec74b3278b3a952dd642d33120b74f75ec33a97b807496bd1d9330e441c3ac53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 19179
content-type: text/html; charset=UTF-8
date: Wed, 19 Oct 2022 18:07:54 GMT
etag: W/"54ff8586a9e61b2c55ee29f762523aca85d8f71a99ae0c94fa32eedd82489bd1"
expires: Wed, 19 Oct 2022 18:07:54 GMT
last-modified: Wed, 17 Aug 2022 05:44:51 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 182
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=UTF-8
Date: Wed, 19 Oct 2022 18:07:54 GMT
Expires: Wed, 19 Oct 2022 18:07:54 GMT
Location: https://www.outlookiniciarsesion.com/
Server: GSE
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 2975350028-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
8 KB 60ms
18ms Stylesheet
text/css 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 08:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122165
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 00:50:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 18 Oct 2023 08:11:49 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.5/ 84 KB
30 KB 58ms
16ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.5/jquery.min.js

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 00:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30082
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 00:16:02 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/ 120 KB
20 KB 76ms
35ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 864
age: 20451520
cdn-cachedat: 02/24/2022 14:58:46
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"5d5357cb3704e1f43a1f5bfed2aebf42"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: fbe7e6fea753e22c4e1fd8ba1cf2b066
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 75cb74c029785c80-FRA
cdn-requestpullsuccess: True

GET
H2 200 bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/ 23 KB
3 KB 74ms
33ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap-theme.min.css

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c7422a9c15b9c96f542187ad5163d70c87a911d204ee418ea214e063d728f4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 723
age: 20452524
cdn-cachedat: 11/16/2021 10:25:05
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 849421a10851f6b3ec43b27f96a7cb32
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 75cb74c0297b5c80-FRA
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/ 36 KB
10 KB 76ms
37ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 601, 617, 617
age: 23107208
cdn-cachedat: 2021-08-02 20:17:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 5ff25f9a1c8a5b9bb60761eb541fc458
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 75cb74c0297c5c80-FRA
cdn-requestpullsuccess: True

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
54 KB 111ms
51ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2caf6b43a26403bc0656b68607a3f178d300e9fe38c0963ebabe211001c92791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55162
x-xss-protection: 0
server: cafe
etag: 9466616162227861742
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 18:07:55 GMT

GET
H2 200 acciones%2Br%25C3%25A1pidas%2Ben%2Btu%2Bcuenta%2BOutlook.com.jpg
4.bp.blogspot.com/--R-rFUkxWug/WFm4X2SmxWI/AAAAAAAAFl0/33Bs7Of6imEf779xaeieJ3eRl8NA2uEBQCLcB/s1600/ 32 KB
32 KB 476ms
418ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/--R-rFUkxWug/WFm4X2SmxWI/AAAAAAAAFl0/33Bs7Of6imEf779xaeieJ3eRl8NA2uEBQCLcB/s1600/acciones%2Br%25C3%25A1pidas%2Ben%2Btu%2Bcuenta%2BOutlook.com.jpg

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

08feb6c7ce3d347d741c038844d50d8bc8e895a38ca59861fb46f3a531c2c333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:55 GMT
x-content-type-options: nosniff
server: fife
etag: "v1660"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="acciones r_pidas en tu cuenta Outlook.com.jpg";filename*=UTF-8''acciones%20r%C3%A1pidas%20en%20tu%20cuenta%20Outlook.com.jpg
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32550
x-xss-protection: 0
expires: Thu, 20 Oct 2022 18:07:55 GMT

GET
H2 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ 162 B
300 B 36ms
33ms Image
image/gif 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:29:31 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 Oct 2022 15:52:39 GMT
server: sffe
age: 473903
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 21 Oct 2022 06:29:31 GMT

GET
H2 200 animacioniniciohotmail.gif
3.bp.blogspot.com/-UTUcdWCqsn4/UT5hZa9tLBI/AAAAAAAABSs/jik4KAw6bN8/s1600/ 22 KB
22 KB 460ms
396ms Image
image/gif 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-UTUcdWCqsn4/UT5hZa9tLBI/AAAAAAAABSs/jik4KAw6bN8/s1600/animacioniniciohotmail.gif

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f8a0417ed308d219bbf069e77f243964ebca50c3d8ea3c099b16aa46257e713c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:55 GMT
x-content-type-options: nosniff
server: fife
etag: "v17a8"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="animacioniniciohotmail.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22156
x-xss-protection: 0
expires: Thu, 20 Oct 2022 18:07:55 GMT

GET
H2 200 dios16.jpg
suitcom.com.ar/luciano/hotmail/ 7 KB
8 KB 1098ms
609ms Image
image/jpeg 2606:4700:3036::ac43:c78f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://suitcom.com.ar/luciano/hotmail/dios16.jpg
Requested by: Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c78f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b916fa6539644143cbc7d5f686eabc1039c85d327fdfe47bbdc1361f4cb357cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:55 GMT
cf-cache-status: MISS
last-modified: Mon, 14 May 2018 14:18:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7wkXghOTXe2lTAEoEn8cfpoFQh0oNuYQ%2BMi%2BcFkTQgoChX8WMQcyVuLFwizYdPss4I3yvFLZzT26QH%2F1fd5E9%2FCFEBiOvsR4MLRON6qITpmWMaS%2BPzE5N%2BE4zMsVjDFqALjDXeDk82z1kST7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 75cb74c41a33ef2c-PDX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7247

GET
H/1.1 200
OK widget Show response
app.envialosimple.com/form/show/AdministratorID/17546/FormID/6/format/ 4 KB
2 KB 1721ms
288ms Script
text/html 200.58.122.108
Dattatec.com

General

Check archive.org

Show headers Download Go to

Full URL: https://app.envialosimple.com/form/show/AdministratorID/17546/FormID/6/format/widget
Requested by: Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.58.122.108 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS: mkt.ferozo.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash: db2136e4db2916abf279925757a082f59eaa074b19f09d41611c77444024315b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Oct 2022 18:07:56 GMT
Content-Encoding: gzip
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding,User-Agent
X-HOSTNAME: envialoapp01.linux.backend
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: text/html; charset=latin1
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-IP: 200.58.122.108
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1168
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 animacioniniciohotmail.gif
3.bp.blogspot.com/-UTUcdWCqsn4/UT5hZa9tLBI/AAAAAAAABSs/jik4KAw6bN8/w72-h72-p-k-no-nu/ 4 KB
4 KB 469ms
406ms Image
image/gif 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-UTUcdWCqsn4/UT5hZa9tLBI/AAAAAAAABSs/jik4KAw6bN8/w72-h72-p-k-no-nu/animacioniniciohotmail.gif

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6363ae3512eb57d501c15a5a5bd491f0b243f4791149b5ca91ad2db8cb92fd66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:55 GMT
x-content-type-options: nosniff
server: fife
etag: "v17a8"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="animacioniniciohotmail.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3813
x-xss-protection: 0
expires: Thu, 20 Oct 2022 18:07:55 GMT

GET
H2 200 acciones%2Br%25C3%25A1pidas%2Ben%2Btu%2Bcuenta%2BOutlook.com.jpg
4.bp.blogspot.com/--R-rFUkxWug/WFm4X2SmxWI/AAAAAAAAFl0/33Bs7Of6imEf779xaeieJ3eRl8NA2uEBQCLcB/w72-h72-p-k-no-nu/ 3 KB
4 KB 462ms
406ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/--R-rFUkxWug/WFm4X2SmxWI/AAAAAAAAFl0/33Bs7Of6imEf779xaeieJ3eRl8NA2uEBQCLcB/w72-h72-p-k-no-nu/acciones%2Br%25C3%25A1pidas%2Ben%2Btu%2Bcuenta%2BOutlook.com.jpg

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

092f0eb5e169f957cf9b81dc0d41ab42dd49e4ac3769308f9d2ab49edaf4527d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:55 GMT
x-content-type-options: nosniff
server: fife
etag: "v1660"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="acciones r_pidas en tu cuenta Outlook.com.jpg";filename*=UTF-8''acciones%20r%C3%A1pidas%20en%20tu%20cuenta%20Outlook.com.jpg
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3335
x-xss-protection: 0
expires: Thu, 20 Oct 2022 18:07:55 GMT

GET
H2 200 outlook%2Biniciar%2Bsesion%2Bcontrase%25C3%25B1a.jpg
1.bp.blogspot.com/-vaMs7pRhDpU/VoFEhMiG6sI/AAAAAAAAEMs/X1M-xVhRFhg/w72-h72-p-k-no-nu/ 3 KB
3 KB 448ms
392ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-vaMs7pRhDpU/VoFEhMiG6sI/AAAAAAAAEMs/X1M-xVhRFhg/w72-h72-p-k-no-nu/outlook%2Biniciar%2Bsesion%2Bcontrase%25C3%25B1a.jpg

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b05e6af7dcb9d62777e32c55dbc5ba779662b4f8a107ed13afb3a8aba2bb169e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:55 GMT
x-content-type-options: nosniff
server: fife
etag: "v10cc"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="outlook iniciar sesion contrase_a.jpg";filename*=UTF-8''outlook%20iniciar%20sesion%20contrase%C3%B1a.jpg
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2838
x-xss-protection: 0
expires: Thu, 20 Oct 2022 18:07:55 GMT

GET
H2 200 desbloquear%2Bmi%2Bcuenta%2Bde%2BOutlook.jpg
3.bp.blogspot.com/-g40Yxj9othE/VkYaXjYg_ZI/AAAAAAAAEFQ/GvhCfVnqvoI/w72-h72-p-k-no-nu/ 4 KB
4 KB 551ms
489ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-g40Yxj9othE/VkYaXjYg_ZI/AAAAAAAAEFQ/GvhCfVnqvoI/w72-h72-p-k-no-nu/desbloquear%2Bmi%2Bcuenta%2Bde%2BOutlook.jpg

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3427786f019f31a5c0cfcb59fa2d60d0beab67281fbc80fbff73c20d867aa55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:55 GMT
x-content-type-options: nosniff
server: fife
etag: "v1055"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="desbloquear mi cuenta de Outlook.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4452
x-xss-protection: 0
expires: Thu, 20 Oct 2022 18:07:55 GMT

GET
H2 200 bandeja%2Bde%2Bentrada%2Bde%2BOutlook.jpg
2.bp.blogspot.com/-hKBdMGmo3NQ/WKXnUxU4v6I/AAAAAAAAFzg/jVQwbbB0K9wPz-qvniah4HavGD_6lJ6VgCLcB/w72-h72-p-k-no-nu/ 4 KB
4 KB 436ms
394ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-hKBdMGmo3NQ/WKXnUxU4v6I/AAAAAAAAFzg/jVQwbbB0K9wPz-qvniah4HavGD_6lJ6VgCLcB/w72-h72-p-k-no-nu/bandeja%2Bde%2Bentrada%2Bde%2BOutlook.jpg

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2a9d6bb2c139e0a647fd81fd27ec5e5604c12b527ea25fa39ab5b972a88bcc67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:55 GMT
x-content-type-options: nosniff
server: fife
etag: "v173a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="bandeja de entrada de Outlook.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4194
x-xss-protection: 0
expires: Thu, 20 Oct 2022 18:07:55 GMT

GET
H2 200 Exorcismo+por+Skype.gif
1.bp.blogspot.com/-hHE4v5_oSqY/UwTggNC-PbI/AAAAAAAACGw/ZaO7-0xAh2U/w72-h72-p-k-no-nu/ 4 KB
4 KB 430ms
404ms Image
image/gif 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-hHE4v5_oSqY/UwTggNC-PbI/AAAAAAAACGw/ZaO7-0xAh2U/w72-h72-p-k-no-nu/Exorcismo+por+Skype.gif

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

25104ab3fd6fc6bf33f61e0521336fca5e898c49a76a1265cf01be9fc747b6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:55 GMT
x-content-type-options: nosniff
server: fife
etag: "v86d"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Exorcismo por Skype.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4296
x-xss-protection: 0
expires: Thu, 20 Oct 2022 18:07:55 GMT

GET
H2 200 gmail.jpg
4.bp.blogspot.com/-nQU_r5xoHHI/UKD_NugXQYI/AAAAAAAAA-4/32yuc3bPjbM/w72-h72-p-k-no-nu/ 3 KB
3 KB 504ms
478ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-nQU_r5xoHHI/UKD_NugXQYI/AAAAAAAAA-4/32yuc3bPjbM/w72-h72-p-k-no-nu/gmail.jpg

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

512d81252cf7a28724b3b36326433b93c5979de856071513f7a5caf4c788768b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:55 GMT
x-content-type-options: nosniff
server: fife
etag: "vefa"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gmail.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Thu, 20 Oct 2022 18:07:55 GMT

GET
H2 200 solucionar%2Bel%2Bproblemas%2Bcon%2Bla%2Baplicaci%25C3%25B3n%2BOutlook.jpg
2.bp.blogspot.com/-Nj84eVZ6hqI/WCD7TYCVPaI/AAAAAAAAFbI/8RytFwiuVhkFKr8C__v1VS9WZGStBuOTQCLcB/w72-h72-p-k-no-nu/ 4 KB
4 KB 328ms
291ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-Nj84eVZ6hqI/WCD7TYCVPaI/AAAAAAAAFbI/8RytFwiuVhkFKr8C__v1VS9WZGStBuOTQCLcB/w72-h72-p-k-no-nu/solucionar%2Bel%2Bproblemas%2Bcon%2Bla%2Baplicaci%25C3%25B3n%2BOutlook.jpg

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c6692cfc51d2625a25430efb54bbae2738a27b1dee4ed7e4d3e9ea66cf8e4d56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:55 GMT
x-content-type-options: nosniff
server: fife
etag: "v15b3"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="solucionar el problemas con la aplicaci_n Outlook.jpg";filename*=UTF-8''solucionar%20el%20problemas%20con%20la%20aplicaci%C3%B3n%20Outlook.jpg
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3590
x-xss-protection: 0
expires: Thu, 20 Oct 2022 18:07:55 GMT

GET
H2 200 Como%2Bver%2Blos%2B%C3%BAltimos%2Binicios%2Bde%2Bsesi%C3%B3n%2Bpara%2Bcontrolar%2Bsi%2Balguien%2Best%C3%A1%2Baccediendo%2Ba%2Bnuestra%2Bcuenta%2Bde%2BOutlook.jpg
1.bp.blogspot.com/-UpDbxcvti5w/VPoD9zwYKJI/AAAAAAAADUY/7pHCgHh2kck/w72-h72-p-k-no-nu/ 3 KB
4 KB 384ms
384ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-UpDbxcvti5w/VPoD9zwYKJI/AAAAAAAADUY/7pHCgHh2kck/w72-h72-p-k-no-nu/Como%2Bver%2Blos%2B%C3%BAltimos%2Binicios%2Bde%2Bsesi%C3%B3n%2Bpara%2Bcontrolar%2Bsi%2Balguien%2Best%C3%A1%2Baccediendo%2Ba%2Bnuestra%2Bcuenta%2Bde%2BOutlook.jpg

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b73264c0c90d138f73a32bc6543eda4662c2f3a495749027f766f020a3ab1a27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:55 GMT
x-content-type-options: nosniff
server: fife
etag: "vd47"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Como ver los _ltimos inicios de sesi_n para controlar si alguien est_ accediendo a nuestra cuenta de Outlook.jpg";filename*=UTF-8''Como%20ver%20los%20%C3%BAltimos%20inicios%20de%20sesi%C3%B3n%20para%20controlar%20si%20alguien%20est%C3%A1%20accediendo%20a%20nuestra%20cuenta%20de%20Outlook.jpg
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3507
x-xss-protection: 0
expires: Thu, 20 Oct 2022 18:07:55 GMT

GET
H2 200 Lanzan+Outlook+web+app,+para+Android.jpg
2.bp.blogspot.com/-l-5KpfHWBXQ/U6L3qxa5zNI/AAAAAAAACoA/ufpK9mNUpqM/w72-h72-p-k-no-nu/ 3 KB
3 KB 335ms
334ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-l-5KpfHWBXQ/U6L3qxa5zNI/AAAAAAAACoA/ufpK9mNUpqM/w72-h72-p-k-no-nu/Lanzan+Outlook+web+app,+para+Android.jpg

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dbcea4c587b951f5e0e92f5a7634fb956e4a236343ee219ff986e4f3dbb571cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:55 GMT
x-content-type-options: nosniff
server: fife
etag: "va81"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Lanzan Outlook web app, para Android.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2788
x-xss-protection: 0
expires: Thu, 20 Oct 2022 18:07:55 GMT

GET
H2 200 pasar-hotmail-outlook.jpg
1.bp.blogspot.com/-xOTOgZamCgQ/UJkEoU2sXZI/AAAAAAAAA-E/dDuzd6H3rYs/w72-h72-p-k-no-nu/ 3 KB
3 KB 258ms
257ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-xOTOgZamCgQ/UJkEoU2sXZI/AAAAAAAAA-E/dDuzd6H3rYs/w72-h72-p-k-no-nu/pasar-hotmail-outlook.jpg

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

67553df3c0b2841ffec7c7c5c2409ca8c52c59b6f2ab35feb9ec5b2eda21d6b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:55 GMT
x-content-type-options: nosniff
server: fife
etag: "vefa"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasar-hotmail-outlook.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2649
x-xss-protection: 0
expires: Thu, 20 Oct 2022 18:07:55 GMT

GET
H2 200 cookienotice.js Show response
www.outlookiniciarsesion.com/js/ 6 KB
2 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:827::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.outlookiniciarsesion.com/js/cookienotice.js

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Oct 2022 15:50:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 26 Oct 2022 18:07:54 GMT

GET
H2 200 1583485740-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
56 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1583485740-widgets.js

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37512059e7516519ceed7ba00ca5d7523cc5d15ca922435b692ac3678bad5496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 08:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56805
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 06:52:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 18 Oct 2023 08:29:34 GMT

GET
H2 200 authorization.css
draft.blogger.com/dyn-css/ 1 B
684 B 609ms
593ms Stylesheet
text/css 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://draft.blogger.com/dyn-css/authorization.css?targetBlogID=2813910211221482690&zx=b8971208-ebdc-4d3b-a283-652d790748fc

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Wed, 19 Oct 2022 18:07:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Oct 2022 18:07:55 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 102 KB
27 KB 97ms
32ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

510d71bfae8484c59b9b3bd6064b3edd0348bb79b3b448bc1093bc7a73265b6a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 19 Oct 2022 18:07:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27029
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: n3Mpi3ghZoCbnQcSPkgvZoqprDjefW0i4yMEFbX1ewb8Om+QWjVJx41b1uTesSrOBbVcyCKNCMMFeqtN9TW9kQ==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fondo-azul.jpg
3.bp.blogspot.com/-t2yvIuQx_7g/UWf2i9526II/AAAAAAAABXg/_PPgHRfxgrQ/s0/ 441 B
545 B 548ms
491ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-t2yvIuQx_7g/UWf2i9526II/AAAAAAAABXg/_PPgHRfxgrQ/s0/fondo-azul.jpg

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

943e4f596c022417a21200f6789eda7d05328e8837b3b63c858fe54275801165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:55 GMT
x-content-type-options: nosniff
server: fife
etag: "vefa"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fondo-azul.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 441
x-xss-protection: 0
expires: Thu, 20 Oct 2022 18:07:55 GMT

GET
H2 200 BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2
fonts.gstatic.com/s/ptsansnarrow/v17/ 35 KB
36 KB 67ms
18ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsansnarrow/v17/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38ba9bd69a8f6114511656eed8cf0f4e3d45d9e2c9aa0a22fb978d5da5ac250b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.outlookiniciarsesion.com/
Origin: https://www.outlookiniciarsesion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:42:45 GMT
x-content-type-options: nosniff
age: 599110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36220
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 19:42:45 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/ 353 KB
116 KB 356ms
55ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2264351906140578&plah=www.outlookiniciarsesion.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6918d18e7ae5ddef561b97436bde3bf5c15c42cc34c2d0e5da9298ac98e9f54b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118735
x-xss-protection: 0
server: cafe
etag: 3117286035061039824
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 18:07:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221017/r20190131/ Frame C9CC 10 KB
5 KB 57ms
16ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221017/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.outlookiniciarsesion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 50086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 04:13:09 GMT
etag: 9671129459699598864
expires: Wed, 02 Nov 2022 04:13:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2269434343355462 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 175ms
156ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2269434343355462?v=2.9.86&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

21e057372a96679c80cce6d20774b77699906574b4b303719fd149b273f48e80

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 19 Oct 2022 18:07:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: GqcoMkSB6RJSRQSxU+4xYb+SnGCymCeaJHkHbYI7RxcD38aSkneRywmXWaXqLEd6LUeruylWMU37agGeU/cEZw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 415 B
339 B 55ms
26ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.outlookiniciarsesion.com&callback=_gfp_s_&client=ca-pub-2264351906140578&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2264351906140578&plah=www.outlookiniciarsesion.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8a31ea7f57b84a9fc7cc7d9377858df48be40cc4ac89a9f73b6e762e3072362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 261
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 82ms
25ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.outlookiniciarsesion.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 65ms
25ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.outlookiniciarsesion.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B101 97 KB
34 KB 549ms
512ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&slotname=3752156729&adk=4188284142&adf=2401029384&pi=t.ma~as.3752156729&w=773&fwrn=4&fwrnh=100&lmt=1660715091&rafmt=1&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202875101&bpp=6&bdt=253&idt=398&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&correlator=368080079795&frm=20&pv=2&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEe%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=1&uci=a!1&fsb=1&xpc=JbxGQbxWKH&p=https%3A//www.outlookiniciarsesion.com&dtd=417

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bc0f37f0a76de996a8c92161a9db8a6cf70a4e1c369d1985fa88c996711d428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.outlookiniciarsesion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34666
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 18:07:56 GMT
expires: Wed, 19 Oct 2022 18:07:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 52ms
18ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2269434343355462&ev=PageView&dl=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&rl=&if=false&ts=1666202875544&sw=1600&sh=1200&v=2.9.86&r=stable&ec=0&o=30&fbp=fb.1.1666202875543.2010498937&it=1666202875223&coo=false&rqm=GET

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 19 Oct 2022 18:07:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 authorization.css
draft.blogger.com/dyn-css/ 1 B
43 B 592ms
591ms Stylesheet
text/css 2a00:1450:4001:831::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://draft.blogger.com/dyn-css/authorization.css?targetBlogID=2813910211221482690&zx=b8971208-ebdc-4d3b-a283-652d790748fc

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Wed, 19 Oct 2022 18:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Oct 2022 18:07:56 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 0C45 0
18 B 483ms
242ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.outlookiniciarsesion.com
Referer: https://www.outlookiniciarsesion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.outlookiniciarsesion.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 18:07:56 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 cc2fa6f05f6b7ab36f626f2501931c3a.js Show response
www.gstatic.com/mysidia/ Frame B101 10 KB
5 KB 63ms
16ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cc2fa6f05f6b7ab36f626f2501931c3a.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&slotname=3752156729&adk=4188284142&adf=2401029384&pi=t.ma~as.3752156729&w=773&fwrn=4&fwrnh=100&lmt=1660715091&rafmt=1&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202875101&bpp=6&bdt=253&idt=398&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&correlator=368080079795&frm=20&pv=2&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEe%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=1&uci=a!1&fsb=1&xpc=JbxGQbxWKH&p=https%3A//www.outlookiniciarsesion.com&dtd=417

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5b7440eb01b4db530c8b12650e39b4a3bfb1b49b7518c76b08bb6e8b8434a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4312
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 23:46:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:21:45 GMT

GET
H2 200 9a8178d18d321307744a4c8ce46adea2.js Show response
www.gstatic.com/mysidia/ Frame B101 10 KB
4 KB 65ms
18ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9a8178d18d321307744a4c8ce46adea2.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

311d6e0a623475d73c35b2a61232ef0621db876a120cf7069721cb04f06ad003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 07:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 471467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4293
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 06:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 07:10:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B101 8 KB
1 KB 71ms
25ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Oct 2022 18:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 16:30:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Oct 2022 18:07:56 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame B101 2 KB
956 B 17ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73651
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 21:40:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/ Frame B101 23 KB
10 KB 73ms
17ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 06:55:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame B101 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 14:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 14:45:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame B101 17 KB
7 KB 75ms
19ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73651
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 21:40:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B101 152 KB
47 KB 73ms
28ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 18:07:56 GMT

GET
H3 200 fed584b8ce81e04d8838584f2ea59ee6.js Show response
www.gstatic.com/mysidia/ Frame B101 33 KB
13 KB 54ms
18ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fed584b8ce81e04d8838584f2ea59ee6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d52560a0b97222a18a95c89256d89765d3d821699eebc14213d531c2a93adb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 23:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13787
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 04:05:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 16 Jan 2023 23:21:39 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B101 0
0 61ms
60ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CyGeP-zxQY8W0JPPbxgOv5on4CYqmnOFswt3OoesQ8oPw78MwEAEg84r2A2CV4pCCoAegAaTdmosDyAEBqAMByAPLBKoE_gFP0GtZKUzcXy9nzyU6doGZRxSErFKXD7mscFbQTJFkiSVA6MdOobQvFXLKOhWeve8sGzCeJcsCW8dQkj7qXoDb5sYSjKDqCz2JoRWdZRu5aEkveO9kyCA_PqOz-zNfYFtB74aH2h4NY1gzUx6bgAaa3AS2y7eWpb1o1vU-T2z5VPqLO6XI6ge35Vg5agTpLqxy5XtwEDsu_QIep7NU4b5lgBRGtFpMqqxtu4yeZeY3ayCk8uN0J0YL69iMsjePXWB4aZpqZlv9fS2UF0dQrdq_2lepEsXtsRKIYfEvUS-762e7WoWr5dc5EqL94X0jka4LozI6Dcp3778bT_DXVMAEzoW1z8EDkgUECAQYAZIFBAgFGASAB8Si5XSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDL1QPSCBEIgOGAcBABGB8yAusCOgKAQIAKAcgLAdgTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi0yMjY0MzUxOTA2MTQwNTc4GAA&sigh=0gWyBy_35bo&uach_m=[UACH]&cid=CAQSGwDq26N9KRt1VXjUBqIlXrfqjmjeGTuaUovxAxgBIA4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&slotname=3752156729&adk=4188284142&adf=2401029384&pi=t.ma~as.3752156729&w=773&fwrn=4&fwrnh=100&lmt=1660715091&rafmt=1&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202875101&bpp=6&bdt=253&idt=398&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&correlator=368080079795&frm=20&pv=2&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEe%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=1&uci=a!1&fsb=1&xpc=JbxGQbxWKH&p=https%3A//www.outlookiniciarsesion.com&dtd=417
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 19 Oct 2022 18:07:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 19 Oct 2022 18:07:56 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A8F3 143 B
166 B 16ms
15ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&slotname=3752156729&adk=4188284142&adf=2401029384&pi=t.ma~as.3752156729&w=773&fwrn=4&fwrnh=100&lmt=1660715091&rafmt=1&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202875101&bpp=6&bdt=253&idt=398&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&correlator=368080079795&frm=20&pv=2&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=80&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoEe%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=1&uci=a!1&fsb=1&xpc=JbxGQbxWKH&p=https%3A//www.outlookiniciarsesion.com&dtd=417
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3153
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 17:15:23 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B101 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bc710a8cf6037b9c9e085e7bd71d5bd87619371a96ed017249f3068195b2a30

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame B101 28 KB
28 KB 319ms
17ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 22:13:37 GMT
x-content-type-options: nosniff
age: 158059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 22:13:37 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A8F3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

33ms
32ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 18:07:56 GMT
expires: Wed, 19 Oct 2022 18:07:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 18:07:56 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame E220 36 KB
16 KB 255ms
255ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 19:20:30 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 63ms
16ms Script
text/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Oct 2022 17:51:05 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1011
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 19 Oct 2022 19:51:05 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 63ms
27ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.outlookiniciarsesion.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 77ms
32ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.outlookiniciarsesion.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 146A 189 KB
51 KB 761ms
761ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&adk=1812271804&adf=3025194257&lmt=1660715091&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202876679&bpp=1&bdt=1831&idt=1&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280&nras=1&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=2&uci=a!2&fsb=1&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f883c02f5e51309adc988838964a86ad7ff4414043793eac21b49412feec6794

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.outlookiniciarsesion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 52647
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 18:07:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 60ms
25ms Image
image/gif 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1488778510&utmhn=www.outlookiniciarsesion.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Outlook%20Iniciar%20Sesion%20-%20Hotmail%20Correo&utmhid=1601070236&utmr=-&utmp=%2F&utmht=1666202876743&utmac=UA-40103013-1&utmcc=__utma%3D268507503.459509821.1666202876.1666202876.1666202876.1%3B%2B__utmz%3D268507503.1666202877.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1014853076&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 18:07:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 63ms
30ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221017&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f67f1e8d785318377117163c461d3a94e841f49b08c4eca901a6bde9a969d74c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11287
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/ 151 KB
54 KB 287ms
287ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c59cbbd7debdc7a8932a065d5437b2da45762d84070b180d47e861fe1efbf78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55056
x-xss-protection: 0
server: cafe
etag: 9156647310792682619
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Oct 2022 18:07:57 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 26ms
26ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.outlookiniciarsesion.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.outlookiniciarsesion.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 351B 112 KB
34 KB 675ms
674ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=38176498&adf=1197452612&pi=t.aa~a.3700839215~i.12~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=2&bdt=2672&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0&nras=2&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=1242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=I8f7henPER&p=https%3A//www.outlookiniciarsesion.com&dtd=23

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8a711f600337ceaca0ddcd4c45f9c5169211493b662c6410990477b75f380af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.outlookiniciarsesion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 34777
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 18:07:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D45C 110 KB
33 KB 1022ms
1022ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=38176498&adf=1717540976&pi=t.aa~a.3700839215~i.14~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280&nras=3&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=TGMgukUZnk&p=https%3A//www.outlookiniciarsesion.com&dtd=30

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77a62b06795d46e4cae3f79a810b2c5c7ffb8311740dbe0a0ab1660df2db6c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.outlookiniciarsesion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 33985
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 18:07:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8165 138 KB
44 KB 1202ms
1201ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=105830804&adf=3644517540&pi=t.aa~a.186218032~i.21~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2672&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280&nras=4&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=3113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4ZFsQctMwt&p=https%3A//www.outlookiniciarsesion.com&dtd=36

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c96d5751aaa09789f95efb94f8e0ac29867c2feb3f66ffe346fa7939cc29cf4

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJWXlbXx7PoCFWKDWwodF3wJsA&gqi=_TxQY9_BI_LNxgPUqYLoDg&layout=/sadbundle/%24csp%253Der3%24/6656301800963076090/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.outlookiniciarsesion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 44907
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJWXlbXx7PoCFWKDWwodF3wJsA&gqi=_TxQY9_BI_LNxgPUqYLoDg&layout=/sadbundle/%24csp%253Der3%24/6656301800963076090/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 18:07:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D262 76 KB
23 KB 960ms
959ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=105830804&adf=4115044958&pi=t.aa~a.186218032~i.23~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280%2C773x280&nras=5&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=3443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=3SNLxLB89F&p=https%3A//www.outlookiniciarsesion.com&dtd=41

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad94efbf484d1cbb81a4850f812a896de86a5253aa9c68d2ebbf7e8012247dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.outlookiniciarsesion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 23682
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 18:07:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E662 104 KB
33 KB 569ms
568ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=100&adk=1273620997&adf=2122703699&pi=t.aa~a.2379756499~rp.4&w=384&fwrn=4&fwrnh=100&lmt=1660715091&rafmt=1&to=qs&pwprc=7632397828&format=384x100&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=1&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280%2C773x280%2C773x280&nras=6&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=MstTPFtiNI&p=https%3A//www.outlookiniciarsesion.com&dtd=46

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d3346b5ccb38c16cdc5ace14f265f9e60bbb2dd38652b375547e47c00302b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.outlookiniciarsesion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 33830
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 18:07:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 84ms
47ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 18:07:57 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B101 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvi5p_iB3cS7gDRajWFk0Gt4mS49OPDRwWtndnjyGHZ0dWTqapTvMeLkigfCstuIR8C2fAmYJimJ2-AzQC9dbNVtHlGgUfP6rxCjgh3SlULN5BGBtr6025XZM2zYVdT3jX8WP9reQ&sai=AMfl-YQ4X82-RsgDUtA1PK4ShzUkGDMMAUFteYQevMb26WrAnkLaSBbT0AoOVEF9CfxjVDAzRd5LpC7dbYcxoRE&sig=Cg0ArKJSzCCijuh8crR_EAE&cid=CAQSGwDq26N9KRt1VXjUBqIlXrfqjmjeGTuaUovxAxgBIA4&id=lidar2&mcvt=1000&p=0,0,280,773&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4188284142&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666202875520&rpt=1084&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 18:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1AB8 13 KB
5 KB 18ms
16ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.outlookiniciarsesion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 10627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 15:10:50 GMT
expires: Thu, 19 Oct 2023 15:10:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3BD2 783 B
536 B 64ms
27ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5a51333c0c44393c2563dedf27b2b2e4723ab968dd6e4641053291126b890cf6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hfQMIYNIk_HGHSG43bLATQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.outlookiniciarsesion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-hfQMIYNIk_HGHSG43bLATQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 18:07:57 GMT
expires: Wed, 19 Oct 2022 18:07:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 1AB8 36 KB
16 KB 272ms
271ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 19:20:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3BD2 0
0 306ms
306ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221017&jk=2361192664671908&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 25ms
25ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.outlookiniciarsesion.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 26ms
26ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.outlookiniciarsesion.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/ Frame 6CDC 10 KB
4 KB 23ms
17ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.outlookiniciarsesion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49061
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 04:30:17 GMT
etag: 9671129459699598864
expires: Wed, 02 Nov 2022 04:30:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/ Frame DC10 10 KB
4 KB 24ms
18ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.outlookiniciarsesion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49061
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 04:30:17 GMT
etag: 9671129459699598864
expires: Wed, 02 Nov 2022 04:30:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1AB8 0
10 B 15ms
15ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?sq5klQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 css
fonts.googleapis.com/ Frame E662 4 KB
621 B 60ms
26ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=100&adk=1273620997&adf=2122703699&pi=t.aa~a.2379756499~rp.4&w=384&fwrn=4&fwrnh=100&lmt=1660715091&rafmt=1&to=qs&pwprc=7632397828&format=384x100&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=1&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280%2C773x280%2C773x280&nras=6&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=MstTPFtiNI&p=https%3A//www.outlookiniciarsesion.com&dtd=46

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Oct 2022 18:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 16:38:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Oct 2022 18:07:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame E662 2 KB
902 B 16ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 21:40:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/ Frame E662 23 KB
9 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 06:55:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame E662 3 KB
1 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 14:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 14:45:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame E662 17 KB
7 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 21:40:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E662 0
0 27ms
23ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQH-ASnOAKESnfNMMYGLF8cKcG-FgiVv0jRgrzVZz0CesVwx-RBLSZZ3y-B5rhe5CWAIAMb
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=100&adk=1273620997&adf=2122703699&pi=t.aa~a.2379756499~rp.4&w=384&fwrn=4&fwrnh=100&lmt=1660715091&rafmt=1&to=qs&pwprc=7632397828&format=384x100&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=1&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280%2C773x280%2C773x280&nras=6&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=MstTPFtiNI&p=https%3A//www.outlookiniciarsesion.com&dtd=46
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E662 152 KB
46 KB 62ms
31ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 18:07:58 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame E662 33 KB
13 KB 19ms
16ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:21:45 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 351B 3 KB
601 B 48ms
25ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=38176498&adf=1197452612&pi=t.aa~a.3700839215~i.12~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=2&bdt=2672&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0&nras=2&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=1242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=I8f7henPER&p=https%3A//www.outlookiniciarsesion.com&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Oct 2022 18:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 17:37:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Oct 2022 18:07:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 351B 2 KB
902 B 16ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 21:40:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/ Frame 351B 23 KB
9 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 06:55:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 351B 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 14:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 14:45:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 351B 17 KB
7 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 21:40:25 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 351B 152 KB
46 KB 93ms
58ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 18:07:58 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame 351B 33 KB
13 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:21:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E662 0
0 64ms
62ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnkZ4_TxQY7yGKJW9j-8P5dWPgAqYsuH5aKm-7MGoDJOoxYzOCBABIPOK9gNgleKQgqAHoAGwuqHXA8gBCakCUZIsJL94sD6oAwHIA8sEqgT8AU_QxCo_BWR9pkaq1ePfNWWAaRv772j6bKGdHHV1RccBLA8yghsP6smJlckXM5N5E9euiL-jBXElTPaMLQW3tzqG7MhXl-LX2R9MZYXouBqSMO2ddRmIDQhpkH91cmyFiFXNOeFSt6u5OT4m6dwPj9gNIAQpK7d1ryl-0WHzkzBgFQ5ct_nmNn74lvfU8oWPkEIAAir3sDM_nHHp5k0yRowDY3J5Q887_fE-2U7bZME_rU6msANAhMqmrXm7EFw2NcW8zhqZ_NHSUslRtTU8T88ZUc6D6mtagBVkFfo2Kyp1Y07b6JOZ-Y5oI3F4OUd4RMFdxqSHMpgoiU1JBsAEseDiyo4DkgUECAQYAZIFBAgFGASgBi6AB7_ZvWCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQk4EB0ggRCIDhgHAQARgfMgLrAjoCgECACgHICwHYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItMjI2NDM1MTkwNjE0MDU3OBgA&sigh=wXNtbefiLi0&uach_m=[UACH]&cid=CAQSOwDq26N9umtCBU3Pqby30OpCviZYyzgt-vy7lbP-hZMD6sUvqH6oWYIRVU60H06yuZCOi95ILNYwutVLGAEgDg&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=100&adk=1273620997&adf=2122703699&pi=t.aa~a.2379756499~rp.4&w=384&fwrn=4&fwrnh=100&lmt=1660715091&rafmt=1&to=qs&pwprc=7632397828&format=384x100&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=1&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280%2C773x280%2C773x280&nras=6&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=MstTPFtiNI&p=https%3A//www.outlookiniciarsesion.com&dtd=46
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 19 Oct 2022 18:07:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E662 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame E662
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

29ms
28ms

Image
image/png

2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Protocol

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:38:04 GMT
x-content-type-options: nosniff
age: 91794
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 18 Oct 2023 16:38:04 GMT

Redirect headers

date: Tue, 18 Oct 2022 19:03:05 GMT
x-content-type-options: nosniff
server: cafe
age: 83093
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 17 Nov 2022 19:03:05 GMT

GET
H2 200 16922622400005154796_6296008752330119341.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame 351B 63 KB
63 KB 74ms
17ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/16922622400005154796_6296008752330119341.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b470c33b85c220a8319c249bdf407654e70e8c49ada332b37249e27a0e7cbfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 13:51:45 GMT
x-content-type-options: nosniff
age: 101773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64068
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 07:37:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 13:51:45 GMT

GET
H2 200 11115368122553418694_18192166662220189572.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame 351B 76 KB
77 KB 111ms
55ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/11115368122553418694_18192166662220189572.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dbee482f4cd458aa85600537ae0bdf16742d2bb655219f5e4cc7d3dc47f2011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 14:37:19 GMT
x-content-type-options: nosniff
age: 12639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78260
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 07:26:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Oct 2023 14:37:19 GMT

GET
H2 200 16328752948896638085_13695268552199069773.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame 351B 55 KB
55 KB 105ms
49ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/16328752948896638085_13695268552199069773.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c884a5d1652fba65b3ce99b98377f24752519730bbc48a5dbe2e8904c36bc44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 14:08:06 GMT
x-content-type-options: nosniff
age: 100792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56430
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 07:36:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 14:08:06 GMT

GET
H2 200 1544960128310643704_9146618617033836075.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame 351B 71 KB
71 KB 117ms
61ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/1544960128310643704_9146618617033836075.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd4166a69eaa2d6cf37f33cb021cda0767429283b038db80e64e4fdd7adac908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:29:43 GMT
x-content-type-options: nosniff
age: 34695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72725
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 07:26:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Oct 2023 08:29:43 GMT

GET
H3

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame 351B
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

17ms
17ms

Image
image/png

2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Protocol

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:38:04 GMT
x-content-type-options: nosniff
age: 91794
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 18 Oct 2023 16:38:04 GMT

Redirect headers

date: Tue, 18 Oct 2022 19:03:05 GMT
x-content-type-options: nosniff
server: cafe
age: 83093
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 17 Nov 2022 19:03:05 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 6CDC 4 KB
636 B 26ms
25ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Oct 2022 18:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 16:19:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Oct 2022 18:07:58 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6CDC 205 B
229 B 17ms
16ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:24:16 GMT
x-content-type-options: nosniff
age: 2622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 19 Oct 2023 17:24:16 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6CDC 604 B
628 B 19ms
18ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:00:26 GMT
x-content-type-options: nosniff
age: 452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 19 Oct 2023 18:00:26 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/elements/html/ Frame 6CDC 19 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a091a670b6bf03510fc7a1b3c74a417c4a8c8937f7fb0c9a1517a95bdd7ab18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 00:15:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8235
x-xss-protection: 0
server: cafe
etag: 7715946797152839796
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 00:15:34 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 10E4 0
16 B 36ms
31ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPnsBxCgu8sBGK7-sdABMAE&v=APEucNUV-4aUxgmsb8-fK8Sf0WZYj3DL8kAksrgBSiUJUymupZpEtP4DYg7KBPP-c8h7UzcBYbVrhES6mO059iTCMepXEkNdrg

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 18:07:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D1A0 71 KB
33 KB 62ms
59ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DPCHFy23lVrFxbi21UbAOHlFRXEADX-1TuikdxZhhFVkWjjat3dGA3FfC7TWwUuRomNT3Ox9huuAQUPnJcWtaj-gS2pw&cry=1&dbm_d=AKAmf-CBlxXSlaQU4V8nWbUNuxjlutichcI5hV2QZTDijdYIF3uIZ53zF0HT9vgShYSVMzg6_y45mzH9Hr5Z77MxK5eFrY2toyIHVVZzeDjw6WaSXkrbOGK_6x16YygiHzYaSmI5wb4upTIGj0SQe2N4hTDdUoLIyvA1K6ZV9UZ540Y76tEZtxqWhsXJsp3fwQPFfGm2OMnY0M-eTzgYbpQiY_SRXals_5y7DmPGDZeftj6bzu-M6ikIGSUMTd8uGgwCOiW6wAFoOjSNNSaXlk7rATvc-qWlGX1IuqnXQkSG6oQalQdXJIv3tPbhoAeGYfPF_63DzuZluAYrJa5fTj-Ti7Kk17ITVrnzDEfiUbqqol_6Ll36h8vr_Dqyiem7e3Vc7Oos4imqhKvK9aWbaYLJZeV3qoZhQeTi1C3gubTw2V5edKH4w_Cqm0pqZqnzD7gpjs-s2s-EUO9mISmPZMR1wWtq-tbfo0UDJQ8BIK0F2WOy66AfkySpKqKX0uU-PBWqgAxyHk7iqlyShXUw5BYbHjur1sbeMSenOLrbd7dwoJqkEJV3BcBeUygR6JURSfeAUFZt4RJvxh2CZ3S4o5d4TZa6wQ-OBj375rAHTki4Ov--iRQj9Rw-ipWNbNk3Lh0YQdedzHAiKP-50UPL71LDVX2NZQ-lI-D7ivlAKxPQfvd3ajzg-dK7fEZd-G7Af1vB0Z0Adh2iKPFtpl70teJo1oXA5_3DPVDEmr1xJ3ZD0Qsx7ffYv4xCP2KPqV8AT2erB-0HEHY_khToal4fVKXREoArtyXZ5A_6UZ8Fp0cLBJWnVjjCVv9HhCT_DvOwUgA9riwnm9boWgCe7FpNkYBDDOWRIj4KSlBvoONqaxxIFSptcaojnQ1oEfvqu1YNtovNFSxaOm2a6j3c8hMyd7_pYVfctLbTXSjpXgsuvpyVlAq4WvL0YJQM6EXShDoYh6ZtSsYx2HdsCWcSqYJjnYmEhmhpF-8HMG3ihiqMgdzt9uVXaIBWDcJPuEVe4gjTYxTlTg2Q3s8E3RCRVyaq8AxGu6KZmTfAy_I1SDeWy9Jz8jgloBktVOZXQsTGTHJ6DbxKZh5EEGwePRmG4YKyEpWvpwJcr4Gc5GmKuxvZ9Lc5AvIshvkHeOLw6L2oBIHE-1Duh9m1mG_GXB-14shhBHZNinFOqYIDYkp9FFMOMmwb8l6TGoSARZB5YlFDQzKsvwntenE0w_dFevVEtbHAOR_w8pU8aXVDzvu_PEL_nrhEXLRXCzSSUx130i2LWLnSvDS00XXgrauhiuhTB4Gsun8SSIBjukGUAAWDtgRKkjUTD8Cw1SJ7k5yDDffFeUBDbo2UnIrfJz7uGtctrSuPWnd7CKtbvcUP1KH1ISA8l2rpVNLdtJFt43tzvD_wpRpd8JOm429lwASuI6Pfiz6NtBUO3slPsmxSInkh3YIEnCiuf1md2fafZKnZso-UgvGpiP5hzA5y0Llxyv5N2JtmJDq3EsicuruidNSxs3o2YJCG3M81cSsuB01tcl8aOW76zu68UffTAkGqKn7nSjy_WDzhmxG3wcwSe5njjWjDAdHIVXtUfnMpOFDjWk1I2MAsk3qEdtivVXVWC71D-Y7mbJ6Cv8pzLpqXJTsK4_agN62ZgrXUMeIB6oNj-ITGrsgCc2Uib1AzU4f68ehQ_Qu3b8UZ6Hk1Vwq-85FH4OoS4ReUcMPXQcQ4XT2VtMXSDWNP2IHV0MM8hQfkPNDeYPmPTiqRwCcumJbY9Oqp3ne28oj-hBCcnzBGCPrB-wFrcIu3BC6OYTd-yVqjLDAWJcJktfowu2whu_fOHt4_vw2egiT84QD1ySoxfFLB7jDlZvbFDXDbdcF0_sJoz53W71BSkmgFyAWitL4xfaZfBqy5jTHXSM2vLSARiyd9qLO0D_LXSUlMACRha1gJJXnR8xT2l1SCR0WUvfgqxc7JmKZA54MWN8FPHTLejG3LfcqFh29rnoznk6mqtNuMfoGioEPpVQmkYMYMVdgH-ijTdITBCL-08qnTrPNFnEba2XJdgmjCsnH8AGC3ewxPSG2wjqjs1jFWOD9OKtg0uJi1NnVEtGLQJgRrODUgyF8jabjn3ucepIajYe0UmdDQRcm8H6kdfJlPCDAl0P-m4EOjk2OxmCO6Zrouk7Iyq3Wnk5-Yd5M-eW_WNmhwJwZESCUtFM2lHtjSB3jZ80eioh6pcAdxYJLmOwOEHFEpBU2_tCbyYoNVZ1E9CW_dC-ecm0-UifZOH37jUMVUtCUeD2D7xweavoRK-DRIqm1qOhRxPjMSboP4LdUokPmoU1j9WTpeMbFx7sJeeDWpuXLtUnjg4jvm9O44_ZBQ8nFrxVnogITkM1Ejy9sC7mlG0sakjmKJ82t6ylEadSBb-qMY1SWT5c5aEDUtc25toBf8SklClXE98exM__GAwYol3_ILdsTf0IX1jn4JgGBSh3tnkNRRrMjxEXCOVCDbiOaAqm2FFhoJlrsvTEDt6br8Tyrq3AVHNBrS5bOy--GWiesNo7KdLCLxxymG-ToXICVBVPuavu8R_3ebkvML_xSSBvr_2WFvb_88tkqUCn-Kt_IJNY6br9U7oDXtxloSGqgoeDgVVJE3QD1EgLBYC0wnLx_RcBLfngWJTq9XVRbQzQx82qy2vZXesH9ETjhP2uyykkYUbxhpAXeBRBQn-ytfasfbzgCsm88VZjm8aYxpEFFFdPnrUeNzQwtyllAxEeM0HDKk0-ydNPfFfV0MiFCArgp4pPjhJG73lDjIXBT6LQ-UpIB9l7czxDm-pUTeygL_TzSyR-aXUxodIs7YQv-VAEhQxgrq-52lJ8YCfOrrYDu8VZKgcWnpfpwZkJuC7IAQojuH6P26_NuXN4Krv-OiGkwu7tU7ojkwQq6eGjSGhPrlqy3i91xsGIqEDYdA0TSIHSNH8cxBQrgJP0BJNaOckNv4tEupzzIKAZkKI2Dbq5QGZPms_k3S_U7HOj4s-7au6EZYvP16kXF65InXpS5gn4JJY7-8DsmeSHofCuYw3uc1W4NgDaQmf7NYvfQ1J0wucUg3ipf4icHm4ilSaFU2SwyTSJQnTD3PIcsOGeMkLktOli_Fzl-KjNqRB8Nbwejsx3o-gqdgzaTB-dN-0rL10K8VagU-r1PRfbgcEG6E1IuH0P7fkA8LBu3gstbcdWQY7ltS0grrvUeffLRn06T2X7tj_tG33wwau6bP_2Wn8hecLXScV-MXp2BJZSFlD-8GHvjvKOAmnYRFR7E3iPFAEQbNtLsY4KmY3NgZ2KIW3oDGo2VksK-4EuyFyYdMJQrHBac1u83wjrt6J7JPYCLUarfuiJI7IswnB0JK1IudnXmGbgUW7PMrgckCLLjw1dLt1zcw-6TmTtjk--yCrV2bbWriOGI0oFvCHgDjpxB9dwwQONWdNJ6C4ScFstzjLlJrOMEJpoxRvgVeXrHf91PNwDM0rOGmZBgZr0r4MUmd81DttYT-r3bRhUOZ-XMFiBws54sBGFJkYSYWCcCaR_vHvAa8&cid=CAQSOwDq26N97yWfv2lRQZ0IW2n45zR-lb8EL7pJmUHyR1hhMYALYUFDMVUgPVrDmOsKg4Zrs5LR7MO4BwgRGAEgDg&rfl=2%2Chttps%253A%252F%252Fwww.outlookiniciarsesion.com%252F%240

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1c73848fb40c5eaa260ca12670dcc3496839f5ad335596bc7d54d139938c830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 18:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33870
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame D1A0 3 KB
1 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 14:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 14:45:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame D1A0 17 KB
7 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 21:40:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D1A0 0
0 27ms
24ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTvnGaHM7QkczoDsRefBXYuzRK5Ia3GtDsRUlE6fA8IZnBY7opT3pM-EEngmCwaX_J2Q3ml
Requested by: Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D1A0 152 KB
46 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 18:07:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D1A0 42 B
63 B 286ms
283ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BvOoEk8cGY_uGEgjCrK7j4Wz0K4FNbQe0WXuvm_ae71jYgggPbXAluONGOTCNF98MBUYXnuB2n0rhKFIXPdagbn4VtGh9INso4M_Fbx1Ukqhnwy20

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 18:07:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 351B 0
0 63ms
63ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgESl_TxQY8nQJtDdj-8P-_6z-AmYsuH5aKm-7MGoDIOqxYzOCBABIPOK9gNgleKQgqAHoAGwuqHXA8gBCakCUZIsJL94sD6oAwHIA8sEqgT8AU_QqmSPjMTr5Z97e2xQf5R_-wUqHvHR3mf_STj4lAXnZjsuYPfrN721qlr8lAYUBazqCWOIgtLCJEytOjDgJqbMpOTBLabAGN3EXPPvpG8kB6y_p3-FNW3HVLFCiOC0bFKbTJWk9jER7dF_9ZeB399g1tb427UmfK2JnEf_8sV0gt4YNfLreFGWo9XRODLzEYPHC31N68Ch2KsCwgkeBd40ngDjYvew14-50EPvt2VR2OQOSObr5x7d2gpCi8i4AIMrLX9NpBOoB0k4AvWyHASqB8u8NhwycNHy7bVI4RJuWkjGND20LyP36b5M0eJ2bBDymYg7kG4xzTNlIMAEseDiyo4DkgUECAQYAZIFBAgFGASgBi6AB7_ZvWCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQkfgC0ggRCIDhgHAQARgfMgLrAjoCgECACgHICwHYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItMjI2NDM1MTkwNjE0MDU3OBgA&sigh=HpvkjCaPthw&uach_m=[UACH]&cid=CAQSOwDq26N9AmyLgNBWfbkcTEuF62-easlNY-nxEX0uIGCIFTILq419_PzptdtAPPsRwVN8qi_aglGpsgEzGAEgDg&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=38176498&adf=1197452612&pi=t.aa~a.3700839215~i.12~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=2&bdt=2672&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0&nras=2&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=1242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=I8f7henPER&p=https%3A//www.outlookiniciarsesion.com&dtd=23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 19 Oct 2022 18:07:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E662 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 993fa03dedb014a3258eaa2f2daf1ea69dd48c8fdebb5e6da75bbf957db4d602

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 351B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22a99d5bb05fcf553b2949937ff834428a00d6b5846663364f99e22848f11f19

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E662 16 KB
16 KB 248ms
248ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 191513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 12:56:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F0B3 8 KB
895 B 26ms
26ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Oct 2022 18:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 16:34:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Oct 2022 18:07:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame F0B3 2 KB
902 B 16ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 21:40:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/ Frame F0B3 23 KB
9 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 06:55:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame F0B3 3 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 14:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 14:45:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame F0B3 17 KB
7 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 21:40:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F0B3 0
0 26ms
25ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQG_EacMYRkX-SjRrU6sCVuh-onjd9fNSL4YJVx5eSnPgjy4qwvkadW5aI_IhAHs2yiqXCv
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F0B3 152 KB
46 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 18:07:58 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame F0B3 33 KB
13 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:21:45 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 351B 20 KB
20 KB 261ms
259ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 22:12:48 GMT
x-content-type-options: nosniff
age: 71710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 22:12:48 GMT

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 351B 21 KB
21 KB 354ms
353ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 20:00:00 GMT
x-content-type-options: nosniff
age: 166078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 20:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221017/r20110914/ Frame D1A0 30 KB
11 KB 268ms
268ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DPCHFy23lVrFxbi21UbAOHlFRXEADX-1TuikdxZhhFVkWjjat3dGA3FfC7TWwUuRomNT3Ox9huuAQUPnJcWtaj-gS2pw&cry=1&dbm_d=AKAmf-CBlxXSlaQU4V8nWbUNuxjlutichcI5hV2QZTDijdYIF3uIZ53zF0HT9vgShYSVMzg6_y45mzH9Hr5Z77MxK5eFrY2toyIHVVZzeDjw6WaSXkrbOGK_6x16YygiHzYaSmI5wb4upTIGj0SQe2N4hTDdUoLIyvA1K6ZV9UZ540Y76tEZtxqWhsXJsp3fwQPFfGm2OMnY0M-eTzgYbpQiY_SRXals_5y7DmPGDZeftj6bzu-M6ikIGSUMTd8uGgwCOiW6wAFoOjSNNSaXlk7rATvc-qWlGX1IuqnXQkSG6oQalQdXJIv3tPbhoAeGYfPF_63DzuZluAYrJa5fTj-Ti7Kk17ITVrnzDEfiUbqqol_6Ll36h8vr_Dqyiem7e3Vc7Oos4imqhKvK9aWbaYLJZeV3qoZhQeTi1C3gubTw2V5edKH4w_Cqm0pqZqnzD7gpjs-s2s-EUO9mISmPZMR1wWtq-tbfo0UDJQ8BIK0F2WOy66AfkySpKqKX0uU-PBWqgAxyHk7iqlyShXUw5BYbHjur1sbeMSenOLrbd7dwoJqkEJV3BcBeUygR6JURSfeAUFZt4RJvxh2CZ3S4o5d4TZa6wQ-OBj375rAHTki4Ov--iRQj9Rw-ipWNbNk3Lh0YQdedzHAiKP-50UPL71LDVX2NZQ-lI-D7ivlAKxPQfvd3ajzg-dK7fEZd-G7Af1vB0Z0Adh2iKPFtpl70teJo1oXA5_3DPVDEmr1xJ3ZD0Qsx7ffYv4xCP2KPqV8AT2erB-0HEHY_khToal4fVKXREoArtyXZ5A_6UZ8Fp0cLBJWnVjjCVv9HhCT_DvOwUgA9riwnm9boWgCe7FpNkYBDDOWRIj4KSlBvoONqaxxIFSptcaojnQ1oEfvqu1YNtovNFSxaOm2a6j3c8hMyd7_pYVfctLbTXSjpXgsuvpyVlAq4WvL0YJQM6EXShDoYh6ZtSsYx2HdsCWcSqYJjnYmEhmhpF-8HMG3ihiqMgdzt9uVXaIBWDcJPuEVe4gjTYxTlTg2Q3s8E3RCRVyaq8AxGu6KZmTfAy_I1SDeWy9Jz8jgloBktVOZXQsTGTHJ6DbxKZh5EEGwePRmG4YKyEpWvpwJcr4Gc5GmKuxvZ9Lc5AvIshvkHeOLw6L2oBIHE-1Duh9m1mG_GXB-14shhBHZNinFOqYIDYkp9FFMOMmwb8l6TGoSARZB5YlFDQzKsvwntenE0w_dFevVEtbHAOR_w8pU8aXVDzvu_PEL_nrhEXLRXCzSSUx130i2LWLnSvDS00XXgrauhiuhTB4Gsun8SSIBjukGUAAWDtgRKkjUTD8Cw1SJ7k5yDDffFeUBDbo2UnIrfJz7uGtctrSuPWnd7CKtbvcUP1KH1ISA8l2rpVNLdtJFt43tzvD_wpRpd8JOm429lwASuI6Pfiz6NtBUO3slPsmxSInkh3YIEnCiuf1md2fafZKnZso-UgvGpiP5hzA5y0Llxyv5N2JtmJDq3EsicuruidNSxs3o2YJCG3M81cSsuB01tcl8aOW76zu68UffTAkGqKn7nSjy_WDzhmxG3wcwSe5njjWjDAdHIVXtUfnMpOFDjWk1I2MAsk3qEdtivVXVWC71D-Y7mbJ6Cv8pzLpqXJTsK4_agN62ZgrXUMeIB6oNj-ITGrsgCc2Uib1AzU4f68ehQ_Qu3b8UZ6Hk1Vwq-85FH4OoS4ReUcMPXQcQ4XT2VtMXSDWNP2IHV0MM8hQfkPNDeYPmPTiqRwCcumJbY9Oqp3ne28oj-hBCcnzBGCPrB-wFrcIu3BC6OYTd-yVqjLDAWJcJktfowu2whu_fOHt4_vw2egiT84QD1ySoxfFLB7jDlZvbFDXDbdcF0_sJoz53W71BSkmgFyAWitL4xfaZfBqy5jTHXSM2vLSARiyd9qLO0D_LXSUlMACRha1gJJXnR8xT2l1SCR0WUvfgqxc7JmKZA54MWN8FPHTLejG3LfcqFh29rnoznk6mqtNuMfoGioEPpVQmkYMYMVdgH-ijTdITBCL-08qnTrPNFnEba2XJdgmjCsnH8AGC3ewxPSG2wjqjs1jFWOD9OKtg0uJi1NnVEtGLQJgRrODUgyF8jabjn3ucepIajYe0UmdDQRcm8H6kdfJlPCDAl0P-m4EOjk2OxmCO6Zrouk7Iyq3Wnk5-Yd5M-eW_WNmhwJwZESCUtFM2lHtjSB3jZ80eioh6pcAdxYJLmOwOEHFEpBU2_tCbyYoNVZ1E9CW_dC-ecm0-UifZOH37jUMVUtCUeD2D7xweavoRK-DRIqm1qOhRxPjMSboP4LdUokPmoU1j9WTpeMbFx7sJeeDWpuXLtUnjg4jvm9O44_ZBQ8nFrxVnogITkM1Ejy9sC7mlG0sakjmKJ82t6ylEadSBb-qMY1SWT5c5aEDUtc25toBf8SklClXE98exM__GAwYol3_ILdsTf0IX1jn4JgGBSh3tnkNRRrMjxEXCOVCDbiOaAqm2FFhoJlrsvTEDt6br8Tyrq3AVHNBrS5bOy--GWiesNo7KdLCLxxymG-ToXICVBVPuavu8R_3ebkvML_xSSBvr_2WFvb_88tkqUCn-Kt_IJNY6br9U7oDXtxloSGqgoeDgVVJE3QD1EgLBYC0wnLx_RcBLfngWJTq9XVRbQzQx82qy2vZXesH9ETjhP2uyykkYUbxhpAXeBRBQn-ytfasfbzgCsm88VZjm8aYxpEFFFdPnrUeNzQwtyllAxEeM0HDKk0-ydNPfFfV0MiFCArgp4pPjhJG73lDjIXBT6LQ-UpIB9l7czxDm-pUTeygL_TzSyR-aXUxodIs7YQv-VAEhQxgrq-52lJ8YCfOrrYDu8VZKgcWnpfpwZkJuC7IAQojuH6P26_NuXN4Krv-OiGkwu7tU7ojkwQq6eGjSGhPrlqy3i91xsGIqEDYdA0TSIHSNH8cxBQrgJP0BJNaOckNv4tEupzzIKAZkKI2Dbq5QGZPms_k3S_U7HOj4s-7au6EZYvP16kXF65InXpS5gn4JJY7-8DsmeSHofCuYw3uc1W4NgDaQmf7NYvfQ1J0wucUg3ipf4icHm4ilSaFU2SwyTSJQnTD3PIcsOGeMkLktOli_Fzl-KjNqRB8Nbwejsx3o-gqdgzaTB-dN-0rL10K8VagU-r1PRfbgcEG6E1IuH0P7fkA8LBu3gstbcdWQY7ltS0grrvUeffLRn06T2X7tj_tG33wwau6bP_2Wn8hecLXScV-MXp2BJZSFlD-8GHvjvKOAmnYRFR7E3iPFAEQbNtLsY4KmY3NgZ2KIW3oDGo2VksK-4EuyFyYdMJQrHBac1u83wjrt6J7JPYCLUarfuiJI7IswnB0JK1IudnXmGbgUW7PMrgckCLLjw1dLt1zcw-6TmTtjk--yCrV2bbWriOGI0oFvCHgDjpxB9dwwQONWdNJ6C4ScFstzjLlJrOMEJpoxRvgVeXrHf91PNwDM0rOGmZBgZr0r4MUmd81DttYT-r3bRhUOZ-XMFiBws54sBGFJkYSYWCcCaR_vHvAa8&cid=CAQSOwDq26N97yWfv2lRQZ0IW2n45zR-lb8EL7pJmUHyR1hhMYALYUFDMVUgPVrDmOsKg4Zrs5LR7MO4BwgRGAEgDg&rfl=2%2Chttps%253A%252F%252Fwww.outlookiniciarsesion.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11726
x-xss-protection: 0
server: cafe
etag: 11376305771055881226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 08:38:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221017/r20110914/elements/html/ Frame D1A0 8 KB
3 KB 269ms
268ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221017/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 08:38:00 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D1A0 0
622 B 125ms
67ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvssPpqs7kOxG7qaar7Eo68BZhypwC7l_B5HHz5MUgGURKcSimxp64cqXPYhZPjSzGL0hrJvf4Pcr0LX8GkfEDS_Y6Kk_aaK-gToJ2qYD0AXQfOttq6wIZvgpseM63yEWiZjsHkpnn6_BJUhrKLPYctZELRkLRvKJxBa08QUFe6s-hqSiSJrgPYRtnTU85pVPqVk8OL9Q02_ZhKWQyMgaXusYQ0aT-SWGEhk7YJlgc_a55bN65RlWJenjIDBY20q_RYVUAHior3BdCtkvJJIq75XhllQiN4ctqsOsFICCgawYQjBg9jjhhFFRbaIgeSCG32lc45VKdLgoikOi6dpXMDaybuKKEYUCqFdomqiaHTDfMu6ZXpBIqzdOOciCidezTdbUy4t9Vt4mFXkgJe7pjenoJeSP7h_Nj0H1pdk558Qc4J8Vh0V5l8SqtuYJ5gQ6xhqysf8k6kcdmWsBlLr2oa3yGfDoFCcBDhoWqAJEBUAEyr4fKHwVrf9sFo8L906QljyoO3iiWTBjFKRHh5Vj5MoipzgBQsAa8cjq6UwZ25gxOAosaxmlgHx5lNwp41rgLUeOlRFOk4IHpI_wcnwLfrIbLHLlzozkxzFLTQjujJ0wztCh9Spx54EyEhiGdpei9cBBaGHl0W2oy3x9itQoL2ohUl6yuClvZU3orxA0tWFqEuOyUexvMpqGjal9p2Mc_99EPvtrjDJm1dk3t2JRk80a9obN_2aoE5qfoB_5I4vvYMFYMOTNIcOhWan89tFLGZO6kZxT6nYdeIjLPAZ8SOu-nmNiFD1g4RKrN8fXcKIpcPuRfXbhxulzLvmIeSVPk2LETbfvpve8dVYqMMoMpJ7JCXVmXOWqAK_G2y8AW11X-IdEdVMQmK1SS0LkwtL1Uh9MqX0zspOjTnSKsVOX45F3vSr1nOqcSM-Pc5UY0nTrT0HP5QhgapFm6JYDlosgjRWXVjWMpqLYb_Adl8vK6rY-cLZ8cRJSzZipNXsZoodWxoPyl6Cl09HCYSfM0-tIvr0JDt1U20hYc_nZg41E1IuT8rrgTU7JzmIVffPyFSKSoamgqWaxy-A43JwHhoE6oVodeSJpQTisFV0Vc7H2oR5qbN5uBzcuB-7Vi3dqigvVRsxdXxQ99iDrhwf4Toj4LISZbEsAlQzSW1h4Hcd7Igy6NqxCgvdR-1knhBc0dC9PqUMegcqY6W3h7dyPMISlwP48ktNmHfKXnQyO5bPBRmIZ-5xw8BW5jO2SOe2FqFSRN8z3tQSN7T0bHyxNkTJfqGC_nT3P1eEvTqznRFhUr_Wc4NA_8tO6wPTetep1WGkWZ6eAEqqi-OjU4-Kh6cAxabegia_BmGLg0FXg9Mjiq3-On4ksIDVZA&sai=AMfl-YSI1OZ-rAVz6NVkuM5hLW65so8FQEEraM07EUeoxijbSBMwc3yKcI7is_UBwNFjxxOopas2k4GeRGIT8CuZkZQ17qxSQN3FGtNC1Ur1xR_dpt1ubEjcnMVqFVwSvarOlHhnia2g_tvODsnRJk5l1GRdFwbnLlhevnyKFo4CZYbcsAeUFtzwHOTnUGRuiS0Rbe1BcE44PzeauYoOa-FBvSu0O1TsuAdVIlwZ0gDVQwXm8OtjHeR9FpG_x_qRzrSEcdZc0xQvKTw&sig=Cg0ArKJSzMRJbg572K-nEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221017.14274&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 19 Oct 2022 18:07:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D1A0 41 KB
15 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:38:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34197
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 08:38:01 GMT

GET
H2 200 14671438364198017837
s0.2mdn.net/simgad/ Frame D1A0 37 KB
38 KB 74ms
17ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14671438364198017837

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221017/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdb15d3515b18bc0a0d7d368944ebd99a05e865c53c82d9a39e038ca52fb1c4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 07:46:40 GMT
x-content-type-options: nosniff
age: 37278
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38356
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 14:41:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 19 Oct 2023 07:46:40 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/ Frame D262 23 KB
9 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=105830804&adf=4115044958&pi=t.aa~a.186218032~i.23~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280%2C773x280&nras=5&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=3443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=3SNLxLB89F&p=https%3A//www.outlookiniciarsesion.com&dtd=41

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 06:55:27 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D262 8 KB
716 B 27ms
26ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=105830804&adf=4115044958&pi=t.aa~a.186218032~i.23~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280%2C773x280&nras=5&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=3443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=3SNLxLB89F&p=https%3A//www.outlookiniciarsesion.com&dtd=41

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Oct 2022 18:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 17:09:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Oct 2022 18:07:58 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/ Frame D262 14 KB
3 KB 76ms
19ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=105830804&adf=4115044958&pi=t.aa~a.186218032~i.23~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280%2C773x280&nras=5&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=3443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=3SNLxLB89F&p=https%3A//www.outlookiniciarsesion.com&dtd=41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 13:23:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17057
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 10:40:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:23:41 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/ Frame D262 359 KB
124 KB 77ms
20ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=105830804&adf=4115044958&pi=t.aa~a.186218032~i.23~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280%2C773x280&nras=5&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=3443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=3SNLxLB89F&p=https%3A//www.outlookiniciarsesion.com&dtd=41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a7f3d2c238784e955c2426069e8764f35cdbd3a88b5e06e1120a196d119e72d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 13:23:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17057
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127092
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 10:40:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:23:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame D262 17 KB
7 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=105830804&adf=4115044958&pi=t.aa~a.186218032~i.23~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280%2C773x280&nras=5&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=3443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=3SNLxLB89F&p=https%3A//www.outlookiniciarsesion.com&dtd=41

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 21:40:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D262 0
0 29ms
29ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQkn73MwsXKvvIK4ltCoM0hewkQBLoy1nE-2H5qr0zt5vR65t8u0T94rfJnBj8cIvVwedt5
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=105830804&adf=4115044958&pi=t.aa~a.186218032~i.23~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280%2C773x280&nras=5&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=3443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=3SNLxLB89F&p=https%3A//www.outlookiniciarsesion.com&dtd=41
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 19AC 36 KB
16 KB 259ms
258ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 19:20:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D45C 4 KB
621 B 40ms
39ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=38176498&adf=1717540976&pi=t.aa~a.3700839215~i.14~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280&nras=3&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=TGMgukUZnk&p=https%3A//www.outlookiniciarsesion.com&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Oct 2022 18:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 16:26:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Oct 2022 18:07:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame D45C 2 KB
902 B 21ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=38176498&adf=1717540976&pi=t.aa~a.3700839215~i.14~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280&nras=3&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=TGMgukUZnk&p=https%3A//www.outlookiniciarsesion.com&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 21:40:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/ Frame D45C 23 KB
9 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=38176498&adf=1717540976&pi=t.aa~a.3700839215~i.14~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280&nras=3&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=TGMgukUZnk&p=https%3A//www.outlookiniciarsesion.com&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 06:55:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame D45C 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=38176498&adf=1717540976&pi=t.aa~a.3700839215~i.14~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280&nras=3&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=TGMgukUZnk&p=https%3A//www.outlookiniciarsesion.com&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 14:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 14:45:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame D45C 17 KB
7 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=38176498&adf=1717540976&pi=t.aa~a.3700839215~i.14~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280&nras=3&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=TGMgukUZnk&p=https%3A//www.outlookiniciarsesion.com&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 21:40:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D45C 0
0 28ms
27ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT859UslNmnqAnJwakOqidZHVkvLfUTKHkbidL53ihOsdFKUhh-h7ubZpMxPPq-hseMYGY_
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=38176498&adf=1717540976&pi=t.aa~a.3700839215~i.14~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280&nras=3&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=TGMgukUZnk&p=https%3A//www.outlookiniciarsesion.com&dtd=30
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D45C 152 KB
46 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=38176498&adf=1717540976&pi=t.aa~a.3700839215~i.14~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280&nras=3&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=TGMgukUZnk&p=https%3A//www.outlookiniciarsesion.com&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 18:07:58 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame D45C 33 KB
13 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=38176498&adf=1717540976&pi=t.aa~a.3700839215~i.14~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280&nras=3&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=TGMgukUZnk&p=https%3A//www.outlookiniciarsesion.com&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:21:45 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C873 22 KB
8 KB 28ms
27ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 08:38:01 GMT
expires: Thu, 19 Oct 2023 08:38:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D45C 0
0 62ms
62ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMI6N_TxQY7iHJ_TTzLUPmZmIsAfcxbaDaYLUg5jTDMzHmqb9CBABIPOK9gNgleKQgqAHoAGwuqHXA8gBCakCUZIsJL94sD6oAwHIA8sEqgT8AU_QDSeHGBqaTgA7Z0P8ypRTt69u4Ka_M-GRrnsaHKdQCAAGWSOS1KHy-xem4kDnXNl2nghUqLQ4gbZWYOXbq7zN_BmYM19F9Cpc7PhLxQRJJew9I-LpG4iipfmrVDOkKfNn3qHE0hkI-OIdV8hM3sxMbL34ocCkPtEqQ9J8DRlZUzQj3-lqH2M7mCdg8Ix62TRPXNtCPJ8mWzrsImeOlG7AgIePg31aIfeLf1M6GG67cfNeAUDnvid40dOxMvaLYtW0LxdcKEptL9UUIaNwkIPQ9Mpb5b6-0XRp-PTxMcYt6Ho1amNPWq4sLvW5oL8LJL3Pt47GdzjIakiiXcAEkav95KIDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7_ZvWCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ5bIB0ggRCIDhgHAQARgfMgLrAjoCgECACgHICwHYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItMjI2NDM1MTkwNjE0MDU3OBgA&sigh=IXTsB8XFJSY&uach_m=[UACH]&cid=CAQSOwDq26N9DwJjvwWvRCXqHQ8-6QEKyXVpmFC35GQjNAyD1emmTYFPY4VDW0NutQSsiK1-xBd_2BcU6gi9GAEgDg&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=38176498&adf=1717540976&pi=t.aa~a.3700839215~i.14~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280&nras=3&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=TGMgukUZnk&p=https%3A//www.outlookiniciarsesion.com&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=38176498&adf=1717540976&pi=t.aa~a.3700839215~i.14~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280&nras=3&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=TGMgukUZnk&p=https%3A//www.outlookiniciarsesion.com&dtd=30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 19 Oct 2022 18:07:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D45C 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame D45C
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

16ms
15ms

Image
image/png

2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=38176498&adf=1717540976&pi=t.aa~a.3700839215~i.14~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280&nras=3&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=TGMgukUZnk&p=https%3A//www.outlookiniciarsesion.com&dtd=30

Protocol

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 16:38:04 GMT
x-content-type-options: nosniff
age: 91794
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 18 Oct 2023 16:38:04 GMT

Redirect headers

date: Tue, 18 Oct 2022 19:03:05 GMT
x-content-type-options: nosniff
server: cafe
age: 83093
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 17 Nov 2022 19:03:05 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D1A0 0
26 B 88ms
54ms Ping
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D45C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cfe89a996bfa1eca6c65adb2bd273ca5bc46ea1a9e3a5bb2275e0e51f879f511

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame C873 36 KB
16 KB 255ms
254ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 19:20:30 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame D262 0
327 B 89ms
42ms Ping
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l9fy69da&c=1215366532988&slotId=607683266494&qqid=CJrwlbXx7PoCFbcOswAd85YD7A&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 18:07:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D262 15 KB
16 KB 253ms
253ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 177786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 16:44:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D262 15 KB
15 KB 323ms
323ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 13:27:29 GMT
x-content-type-options: nosniff
age: 448829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 13:27:29 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D262 0
20 B 285ms
285ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CS82m_TxQY9r9J7edzLUP862O4A650dz-bLzauePHEPAuEAEg84r2A2CV4pCCoAegAeqRyqcByAEFqQJRkiwkv3iwPqgDAcgDmwSqBKICT9B530QPdq_xdFbw6e5Nyil1MfPCfBYNGE84jDyq8Xk-wfSx2H-0xS9bnSAIj95e8twPxKAso-V5jWqYrJKg2XwZoszm17VMpFH2i7IL_3McuOeadUGxL99VQtoMAhdLxTYGwZ7pEuUoJ5OAvSP9DVIWKeILN9YVRr1Knepglo_HXME2ees7UOW-8puamn88R_detgBDPlkpRWb9WT270_APcd_6StNQU6iwi6UOhfzmUtPb6ZL36aNN19mI6f2mGM_8UXyIbPZHX2D6it9AfZyi9rJ_NSEcqYWwQtQraVrephZvgVcQTRch8OsNAMiGwVcU1bFSLAfj6qGq6E1xXq1L6SxY_UXmr9TLdOJwt52LP8sJdSdViuONtAwOg9vPdOjABIKitIWeBOAEA5AGAaAGToAH_u212AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgHAQARgfMgLrAjoCgECACgGYCwHICwGADAGwE8ba8BDIE7_2ouED2BMKiBQC2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1666202878714&ai=CS82m_TxQY9r9J7edzLUP862O4A650dz-bLzauePHEPAuEAEg84r2A2CV4pCCoAegAeqRyqcByAEFqQJRkiwkv3iwPqgDAcgDmwSqBKICT9B530QPdq_xdFbw6e5Nyil1MfPCfBYNGE84jDyq8Xk-wfSx2H-0xS9bnSAIj95e8twPxKAso-V5jWqYrJKg2XwZoszm17VMpFH2i7IL_3McuOeadUGxL99VQtoMAhdLxTYGwZ7pEuUoJ5OAvSP9DVIWKeILN9YVRr1Knepglo_HXME2ees7UOW-8puamn88R_detgBDPlkpRWb9WT270_APcd_6StNQU6iwi6UOhfzmUtPb6ZL36aNN19mI6f2mGM_8UXyIbPZHX2D6it9AfZyi9rJ_NSEcqYWwQtQraVrephZvgVcQTRch8OsNAMiGwVcU1bFSLAfj6qGq6E1xXq1L6SxY_UXmr9TLdOJwt52LP8sJdSdViuONtAwOg9vPdOjABIKitIWeBOAEA5AGAaAGToAH_u212AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgHAQARgfMgLrAjoCgECACgGYCwHICwGADAGwE8ba8BDIE7_2ouED2BMKiBQC2BQB0BUB-BYBgBcB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=105830804&adf=4115044958&pi=t.aa~a.186218032~i.23~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280%2C773x280&nras=5&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=3443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=3SNLxLB89F&p=https%3A//www.outlookiniciarsesion.com&dtd=41

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 18:07:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame D262 29 KB
16 KB 127ms
54ms XHR
text/xml 173.194.76.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-B_GEMSIFFcyOT3GMbfMaGa3lNfNggxPJrER8bqx3OJYbN8cPAsOxk3wanGsq5inM4AsUJIHGe6_AJleKztN8gE8pCNAQ&cry=1&dbm_d=AKAmf-CTzGzgB2Y6RP3-uSJ_jHjyad_w7NcoNzMkVz8VpXkJEnF0TPLdEf0Z7tI1R2BLVuetm6z1t3-iSVJcgyD9XAwHqi-p8KgWYsbJLu0oOsWra1XMhz7JbrecmMCuzGb4HmU5-4thdSujvwv2KCShtu826JAT6XnaZcYtGmMU35duT9LsoFm9DfYDuoTYgpFyher9nYHE2G8xgGg0nklr4kDvhDeFwsUT4G0KkFKgaYKCKGz2KEAg-mzRk5in5eVdrqGQdr1Phnxhl22E3twzsq2tIXmKFqoK4ZIOOc4Pbewr6VlCL3OXOEH0OrUyifujSkJZQT_WD6uxnPH0WuVnMk3FQChJmUATAm4yQ6dFLmOlPYSi0gNFCksQ_0wne9aP-bYS3NzmixmVtPZuVF0hSYzSWHkY5jCod8AJFkOaEjmbg8fv0VeN-TTM2hS0d-UL5_ItEe6njiR-GKmetoqbCaZb_OSpJ0lWuKbwfOI5l4zqSk-no6Kwdbi5xeWTiW5zzHhQytzxZmYRUbJwfGZLnTl53oc1rIGTaakbmRFTMxwr2Cc5eoYkJh_d6jrXkL4L1v3I-5eDy-TurCrQanEIOHfYIvkSQq1gK2_Hsd7zDDtHwXGkdWvZzFe7687F083g-DHPr3JnkoKg92ya5VMc5O9o9nuFvKvJqOirYWsOuQZCWzIspXMeewCPhh4tr1bAkyEEPFmF8EtOhGnpm5sF_HUdXGjA6z38M42aFigwMSiXZzolBOZElEFOvPeVUcR53J2BRGo5X3OAjAw-XswaOrBQQWFoDuLG7jLQiFP0y-OO_xE0wIBZ_GPYd5xWwuK_BIuDbsNMoHpt6DeKEgv2ajHpulae_8sYonz_G83tn8BBQWznpaHpgfKl-NGaf3_5vffWF_wnLRIwJJddp0WXK1_7BUThjZBMU81ltU1W2NYNxhYuSDyvej7xm42dAUjLU2DVtcar9_3NAmdSQiHSYlRmgH9Wqc8mGret1zlu0QMPrQB73nH311B-HlJqa3wdE_Xw3za0i2FHiLnoMalWnDErWwrCwxX7q1szd7JqHUVHPTtP2u_f3ygcFTaqveZs7QvVCoN1EzN0lTgQcNWD582iAmMHCmUHAAcQd3Hgaz4syg-RVPR_bNK-CvG5MzuTmivNtRzPnbLvYklqFll7xV_kfRtws4bJ_wLyjEeC4do6FuiW3BFq6kHGdMTzps1bQyiYGo9zGjxIN-C3l8txtAMPTiMqIOlSGdX-Ar6xvjEz6Wggh977VKjSrIzlhMcNbHZqpo4pq2pftFu7uNgUP9gDZb6THaBDnkgb77fmT2tqLyWkdjcpafxKyg3wcLr_EdjUSekgoGc7JN0z2V6o-CiefBdFJ0gR_yT6r-YWya8lGWC2Jsj50u2siN2Y6f0Yokc_eiF5yHCtUDmh9hP5uhph8Dl5OH6TZXSl6JHt4vr8etNZ5494yBsG4J7_TWXfit095nxZCRTH_rtSXezC-NhUEnxqSeyADySO73jrEMh0BnMrmZ-i-1fT2ppt3bB7WJyhd4EojNBEGuJ3gYGWkLQ3zmbMUjcBeP99YiMlyKT4rSOFbeaYV7bC9B6bVENLfhDc6AqyioincHzWuzlcRq7Af_R4bnb7mPnqy6uyBpHeCexHvK0bDS5ONCPfmgRUybjZkISyJIBJndTrar6ECUfvGr0znyZYAWJKVErabePopZJSkWFpBcMnYhONkK_PEScfiZvfxEwh0j6SADVaDyuuV9fangb1m9jzgYBJ3_oKYAudWz2kf1TqMSEUJzo1eb99A7zArAheGINvM5-T8sMruGoBsKzkI3N5_tJXgHRGcUy3gxEzJRgUYcWc6kqm1ZfBUKuN-vBsl3IZ6O8lIgFKxkjo-C2sbx7BYho5LAATinuySSB-_Wr5rPg68iOBwIyQTthoLCYL_RMmT7KsuN9Xvk4RvBC-DLIZfLvxOaidIxCWAVb5LrAFXcxeBRyBhm79xwXSQ4_SGTJuUBo5sKf2A6d9DPOyfD3Az8qR0R2kVzFoMxIc5Tc4DbGulz8WOgFRJUu7BbIMOPBtCianxxc_3NBDGGmrLp6WnU6k49moMuQw_lRM45HGE_D-p5qLxU3aGCRtzavHQHUsAEynml_m024YZaKqnXd-Utzinm1gIobrSwOGb5V233pciRSTMZ-AanEq-K8QpGCHgyMwo-e3alNVllX3ZvCzhpS1WosaHEnsdDB30Gy-O_P7NYOg4BIJvA42j53OFjuG7gJdaA5KlHGHDPohj0CUmo77KJskTzlr05Tdh1JZzF8QiyGnQq7icCph-vWSJkBhaKVvh8diUgE8vb4_QeF41H8YswTuWOwWehD0fX_WduIz-LZeT64BNeQPDQsDsdVgndIBE63du-bwdlB67cJlxI88AXUgvVYUNjxyKtBJOWtDoFDC-oLOF1BB_M6rzwr139D2YIad-1DX6GM7ow_jMzobxzjFWo-Jc0MoHhCOSW2dg3CiObSBduhYut2QLopKvdQfxx8_HpMZgm6O7gKonpXSySZOt7wvsdNLp6migMRI8GkVNvjKr13tmH3aUL2Uj0eDbB44doL0uuJmszzY97B0YxLtG_BH1_sOVyWfK8eKyY2-qo0WMPBgW-ttwBWnNa1s02tAUolvXQxDqWExY1iCUvIxI8YFFjgPrnpRHpuyjJ3pVbu_sR72y1LzjI7kXxIn7fT15zguxnyCoyMCe9JjD6a-fK8y16L7ccCm1rUBW6Aq2pu50Tz9rUKtkYCkwcCefsSZ0z5iCGjv1Dd-3sWEC34uiBzNVy68iO2QJZ1B8O4mMgPA2DLNW_3yBkKbsfPvpTre9joEAPugjFN0GQNT-DkX5XBMvL_2Y0_CXgmY45EIgn7rPMNp_qV44R-ux7tJqmsgHtUjcHRvyLfEsoYUFBUfJ2S0NdKr4UPCSS02SeF-ndkOypnREUzCIqcvaZtf1-Cq0qFPOwCoIN0A9ySlGPW7eVv1soNn_NemBupAMUpM1eSGANfM7FI--Owaz1DR6icfHEGqQlqQweo8N9kzdS7m5tUp2HDUfHon7N6PauMgvqybWfS5SA33aY7LMdpqrsk1d6ry7iDqzPSaF17_MncYod81tnDNWCvaNtk0KEoT_SbQ7hpSQDy7t0qg1F1y6ySbCVoN_QgRsP-QAWWe1zQ_05JUndx-dfYnvBO7qHYYGFKXFm2ULnCb3tx84eU5p1UcAuvubR9mUq1JCPoz6Es8e0V1gWf98hcuingaNqf51CArLFUOMoN8bht5IqZccT3HfoX9FE38iEgtFm3SPhU7-0WmT7bnb9Zsj4IP-XhUww6QMxPrdPYoMm48-4NIVIhwjyjXYUJHHyWL36_h6kpYaWo-n93ice6HT6vTCeAFHmYl9MtaVgfdYPq_4L6Uke1yZROXtOEcozy3yOcZdSHjQ0AfiSyqs_X26bDkJtold5t97nJO&cid=CAQSOwDq26N9AqA4zbLpinEa-EMy20terxhUQbmlmRL17r-UH640l7taU06aJ-t6-gwSDrrgT5oI_SevIYADGAEgDg&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f154.1e100.net

Software

cafe /

Resource Hash

70b5fa02edfe0c1e078e5c4e4c13b7b6ec568fc911243b4fa4745c43e92355ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16276
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D262 0
0 55ms
55ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-et9_TxQY9r9J7edzLUP862O4A650dz-bLzauePHEPAuEAEg84r2A2CV4pCCoAegAeqRyqcByAEFqQJRkiwkv3iwPqgDAaoEnwJP0HnfRA92r_F0VvDp7k3KKXUx88J8Fg0YTziMPKrxeT7B9LHYf7TFL1udIAiP3l7y3A_EoCyj5XmNapiskqDZfBmizObXtUykUfaLsgv_cxy455p1QbEv31VC2gwCF0vFNgbBnukS5Sgnk4C9I_0NUhYp4gs31hVGvUqd6mCWj8dcwTZ56ztQ5b7ym5qafzxH9162AEM-WSlFZv1ZPbvT8A9x3_pK01BTqLCLpQ6F_OZS09vpkvfpo03X2Yjp_aYYz_xRfIhs9kdfYPqK30B9nKL2sn81IRyphbBC1CtpWt6mFm_ZVtJ2H3tB2Z_PK1_Xnc2aS6BSxxG1DRi24esWj0FKJnHl8GkFimfkCViZhR_bIXe197-iz5V52s-VEcAEgqK0hZ4E4AQDiAWNtrOxRZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAH_u212AKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChD9yQYY1q-g1gHSCBEIgOGAcBABGB8yAusCOgKAQIAKAcgLAbATxtrwEMgTv_ai4QPYEwqIFALYFAHQFQGAFwGyFxwKGggAEhRwdWItMjI2NDM1MTkwNjE0MDU3OBgA&sigh=wdB8Jc3A14M&uach_m=[UACH]&cid=CAQSOwDq26N9AqA4zbLpinEa-EMy20terxhUQbmlmRL17r-UH640l7taU06aJ-t6-gwSDrrgT5oI_SevIYADGAEgDg&vt=10

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=105830804&adf=4115044958&pi=t.aa~a.186218032~i.23~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280%2C773x280&nras=5&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=3443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=3SNLxLB89F&p=https%3A//www.outlookiniciarsesion.com&dtd=41

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=105830804&adf=4115044958&pi=t.aa~a.186218032~i.23~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280%2C773x280&nras=5&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=3443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=3SNLxLB89F&p=https%3A//www.outlookiniciarsesion.com&dtd=41
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 19 Oct 2022 18:07:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D45C 16 KB
16 KB 370ms
370ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 191513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 12:56:05 GMT

GET
DATA 200
OK truncated
/ Frame D262 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84bc47b5f76bdfc7bf77fadfee3cf0df2820e1d30ec525ea9ee58838b5afe34e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame F17E 36 KB
16 KB 252ms
249ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 19:20:30 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/ Frame 670B 18 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/index.html

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

961ee3bbccecf78f17bfa4f495b26d863973ed9ea82ae53b33134fa7f355bc76

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 377340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5460
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 15 Oct 2022 09:18:58 GMT
expires: Sun, 15 Oct 2023 09:18:58 GMT
last-modified: Wed, 21 Sep 2022 09:39:32 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1B41 0
0 62ms
62ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6EuP_TxQY9WkJ-KG7gKX-KWAC9OpsKJs3Ob0wLkQ9qDjhIwOEAEg84r2A2CV4pCCoAegAbebzr4DyAEJqQJRkiwkv3iwPqgDAcgDSKoEgQJP0OPbErzCWR0MDL8IajUA9EO3wpr0fvhaf9NuA-VlqfXQEreUMUHTEycKlBMAz1Iki8GM_wHW1mz-HAC3-uFIlbTufpV-E2s3cyzV9TrDfaAytnUksZic9ey1lcfGGVLnkWv1ksChJimCbmLkeefLEFv5BeMBAj-ddfNkjGffJY0UHNjLAV_xxTkwtv6ufY-KNcluvOxwj0GOxJzeBrT37_GODp36NXRi8Kf5zdcgeP7ZD9pLmvth0PVG_wBBhh8enJzD8HTX9YKyUhsh8NcyHu1qGf5ME7YuV8JoapED72dIHnStEkPrMA_npVgZi8s1DVCItGJajx6jcj_Y5F_dDcAEzIDPi68DkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7HksUGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC_6QHSCBEIgOGAcBABGB8yAusCOgKAQIAKAcgLAaIMCCoGCgTPp7EC2BMM0BUBmBYBgBcBshccChoIABIUcHViLTIyNjQzNTE5MDYxNDA1NzgYAA&sigh=Vkzs30zIoDk&uach_m=[UACH]&cid=CAQSOwDq26N93QqFKpHnLPFUG8nCVsiOMwvhQ-uCOKZwVVPiu3GtOXUh-sF4_8kVYIDoZIwwfDUm_sUsdsHYGAEgDg&template_id=419

Requested by

Host: www.outlookiniciarsesion.com
URL: https://www.outlookiniciarsesion.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=105830804&adf=3644517540&pi=t.aa~a.186218032~i.21~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2672&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280&nras=4&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=3113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4ZFsQctMwt&p=https%3A//www.outlookiniciarsesion.com&dtd=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 19 Oct 2022 18:07:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/ Frame 1B41 23 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=105830804&adf=3644517540&pi=t.aa~a.186218032~i.21~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2672&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280&nras=4&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=3113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4ZFsQctMwt&p=https%3A//www.outlookiniciarsesion.com&dtd=36

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 06:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 06:55:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 1B41 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=105830804&adf=3644517540&pi=t.aa~a.186218032~i.21~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2672&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280&nras=4&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=3113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4ZFsQctMwt&p=https%3A//www.outlookiniciarsesion.com&dtd=36

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 14:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Nov 2022 14:45:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/ Frame 1B41 17 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=105830804&adf=3644517540&pi=t.aa~a.186218032~i.21~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2672&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280&nras=4&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=3113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4ZFsQctMwt&p=https%3A//www.outlookiniciarsesion.com&dtd=36

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 21:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Nov 2022 21:40:25 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B41 152 KB
46 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=105830804&adf=3644517540&pi=t.aa~a.186218032~i.21~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2672&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280&nras=4&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=3113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=1&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=4ZFsQctMwt&p=https%3A//www.outlookiniciarsesion.com&dtd=36

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 19 Oct 2022 18:07:58 GMT

GET
DATA 200
OK truncated
/ Frame D1A0 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f675fe46d39357c1af24f477d109a6dba8f548e134c05ee813bd9fafadd9113

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 670B 6 KB
3 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 13:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17738
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2655
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 20 Oct 2022 13:12:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 670B 34 KB
13 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80092
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 19 Oct 2022 19:53:06 GMT

GET
H3 200 96620328.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/images/ Frame 670B 282 B
236 B 62ms
62ms Image
image/svg+xml 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/images/96620328.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1bfe9f4caf77b08666a335fca51bb9e3be136f84852e249bef6b42b2e4a5eac

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 11:12:30 GMT
age: 456929
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 09:39:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Oct 2023 11:12:30 GMT

GET
H3 200 96620515.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/images/ Frame 670B 28 KB
28 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/images/96620515.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fceb75f7716695456bb6c0ea0a92c301ea514de326ddc38ff302461f531de99

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 14 Oct 2022 15:57:02 GMT
x-content-type-options: nosniff
age: 439857
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28712
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 09:39:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Oct 2023 15:57:02 GMT

GET
H3 200 96620449.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/images/ Frame 670B 7 KB
2 KB 16ms
16ms Image
image/svg+xml 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/images/96620449.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90defcba4f65a3eb64ff25ea5db6eafbca1f5ae67029947f75025f12dea239cf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 11:12:30 GMT
age: 456929
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2487
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 09:39:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Oct 2023 11:12:30 GMT

GET
H3 200 96620519.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/images/ Frame 670B 8 KB
3 KB 18ms
18ms Image
image/svg+xml 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/images/96620519.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4939a698168291f25d166323aa16cbe45e1ea55c6162bc286ec963e2617efefa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 05:35:32 GMT
age: 477147
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3392
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 09:39:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Oct 2023 05:35:32 GMT

GET
H3 200 96620526.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/images/ Frame 670B 3 KB
949 B 17ms
16ms Image
image/svg+xml 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/images/96620526.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6656301800963076090/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1eff1158003db882d67f234f3e663ec04950e4e2768be43b6ae9774bb15d8a0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Oct 2022 19:16:38 GMT
age: 427881
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 914
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 09:39:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Oct 2023 19:16:38 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame D262 41 KB
15 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 08:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32979
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 08:58:19 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-4g5edndl.c.2mdn.net/videoplayback/id/fe261be97a163411/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810453843/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame D262
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/fe261be97a163411/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810453843/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r4---sn-4g5edndl.c.2mdn.net/videoplayback/id/fe261be97a163411/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810453843/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

260ms
196ms

Fetch
video/mp4

2a00:1450:4001:18::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5edndl.c.2mdn.net/videoplayback/id/fe261be97a163411/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810453843/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0D5D7B9C0C0ECF3082186F3102CF1D0B71B866A7.0B5B1909771D2FC63CE759644C7BEDF399BB041A/key/cms1/cms_redirect/yes/mh/jh/mip/2001:ac8:20:301::201e/mm/42/mn/sn-4g5edndl/ms/onc/mt/1666202456/mv/m/mvi/4/pl/49/file/file.mp4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=105830804&adf=4115044958&pi=t.aa~a.186218032~i.23~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280%2C773x280%2C773x280&nras=5&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=3443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=3SNLxLB89F&p=https%3A//www.outlookiniciarsesion.com&dtd=41

Protocol

HTTP/1.1

Server

2a00:1450:4001:18::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 18:07:59 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3172675
Last-Modified: Mon, 17 Oct 2022 11:22:27 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 19 Oct 2022 18:07:59 GMT

Redirect headers

date: Wed, 19 Oct 2022 18:07:59 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 651
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-4g5edndl.c.2mdn.net/videoplayback/id/fe261be97a163411/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810453843/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0D5D7B9C0C0ECF3082186F3102CF1D0B71B866A7.0B5B1909771D2FC63CE759644C7BEDF399BB041A/key/cms1/cms_redirect/yes/mh/jh/mip/2001:ac8:20:301::201e/mm/42/mn/sn-4g5edndl/ms/onc/mt/1666202456/mv/m/mvi/4/pl/49/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 273ms
273ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221017&jk=2361192664671908&bg=!0NOl05fNAAYeOJy_Pjg7ACkAdvg8WktY4z6N65hE9uHwpDSwYMVDGeyhINTmWIa3UDzeYMtf2zd5CQIAAAC6UgAAAANoAQeZArv62pf2W1P4bMRu6xP6rfNzvPrthi6V3JrUwC7_Ot_TY4x2FD3GL0GPLi5PyhOI4pRGEhTGvOp-qQTqlPdiORDwbl6nvaKmooVee5nKMYyiWlkq1QZ01U5P4YW2YDvG76WuY0aYNNz0UQhLCPs0yjI9EUQJPLVLuS-NxY1_GLRwUCMAMt9qbrD25TbaFWqcSN9zCwfj-Jlsc_z3vWmfnytWJUeRsICQKRTwZDBYITTk5frSNy3mCNC99xjgdCXY5SgCr69gpLRM5XPHrHvhbv1JT-PYoNkpnKHbw2fw5ZY-fp-tD67kjtSCmAgVseIvJOAb0c2gMlRneJBEAq1pQAFZqsGgypJ0LZebD9wv9O4aZXlJcI-2eDW5RkpjYMNdtgPLyey6quyd74o20sAnfkLgcjdxfJO72qXe-WT71bmBNKYmII3t-j-TtRAMCqARHZ2oq1LGQB1N3fu-JcoqJ5j0LVkexcyHM5gTFTY1s8D0qy1SlO9m8LALlAOgTx38mpTr6jD61PVzyJcrlrGpmJgZMdGZSJT325KnqD0pSrGA8BPok1izPkd_teRH4d0PAp3XgAIecNjsGmqEaAYKSnnd4IzTOEsgWX7PUeuYP8RFr65hUtqkXtGrIB9CJTdY-iyKIY7-WjfWXgBC4PmztAb43ugd8G-0EnICgLuqMRI3gHH7ih2P-0QKeenEkEo9Fh-9tME3hGXzJkAnxIaMUSYeujoM4UnGuLhqQtOJJGhWipPBDBcW8zOByR3pp0HYYVHfmJKhFkTuAKLYV2RIrshLo9SWVl59N9TvIFCalDsiYGwnf0ufV08ba7llQJJVE7lE2SsDYYg3wrIoeT5XZXQ6YG8A6JXdvDPmMo9Q7mDQVbgYLgfVfDA7fLxL1K3LHu1qUD9gHekD03n7Sm8UBgOqmB6xA8d8ZjTKsvA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.outlookiniciarsesion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 1B41 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4937fa1d1364f7cf9801e72b6a00d5db7de44b3d2ad08f1bc5760cd42623e428

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame D704 36 KB
16 KB 239ms
239ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 19:20:30 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 98AF 23 KB
9 KB 22ms
15ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1098
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 17:49:41 GMT
expires: Thu, 19 Oct 2023 17:49:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 73ED 36 KB
16 KB 249ms
249ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-2264351906140578&output=html&h=280&adk=38176498&adf=1717540976&pi=t.aa~a.3700839215~i.14~rp.4&w=773&fwrn=4&fwrnh=100&lmt=1660715091&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7632397828&ad_type=text_image&format=773x280&url=https%3A%2F%2Fwww.outlookiniciarsesion.com%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rh=193&rw=772&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666202877520&bpp=1&bdt=2673&idt=-M&shv=r20221017&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ce0871236e144fc-22e89d174ace0048%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg&gpic=UID%3D00000b758996dd9b%3AT%3D1666202875%3ART%3D1666202875%3AS%3DALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ&prev_fmts=773x280%2C0x0%2C773x280&nras=3&correlator=368080079795&frm=20&pv=1&ga_vid=459509821.1666202876&ga_sid=1666202876&ga_hid=1601070236&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=214&ady=1552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774649%2C42531705%2C44774653%2C31069177&oid=2&psts=APxP-9BIatG0B_hnogRMdBFbopBlVtpjm3nfDpsUOPTWMpUriAyZDOkv8t0SYpkpTd4YZw6fDfl-9IBPfDb5qg&pvsid=2361192664671908&tmod=723301576&uas=0&nvt=1&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=TGMgukUZnk&p=https%3A//www.outlookiniciarsesion.com&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 19:20:30 GMT

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 670B 36 KB
16 KB 252ms
252ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 19:20:30 GMT

GET
H3 200 OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js Show response
pagead2.googlesyndication.com/bg/ Frame 98AF 36 KB
16 KB 254ms
254ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OLZMwUuXKff5QHkWgJZ5Acpn9ezP58Pxr98BvfUDCEE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16062
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Oct 2023 19:20:30 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C873 0
20 B 288ms
288ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BccDI_jxQY-rKF7eF9u8Ps9qtgAIAAAAAOAHgBAI&bg=!7u2l7anNAAYeOJy_Pjg7ACkAdvg8WgpysCNT4TGxNCMu5oBe7-mI8tSwvGIW7ITDe1R5X1-APbCVOgIAAAFXUgAAAAJoAQeZAv7wE94BLjgkneM0nKcUbSwkiD5kHLSzs5KR8k9s-D0kXyOZWmQTq8LNf8aRFAynAhgAgGIak6diUeQJTt5cED6esCDZgtp7wbAxnJ3baQMJOJkKpgQEQRO950uf6EU8dN3gcI_HxL7sNh9mZjuCiqPYjrHNhTUyJqQynabOptPa6kaTbuFlfzbJF_SsNPDcRVXWsOUl4oJIA0JlS0rV4lDAY84jP7646gOEz-xj1ZfErFlB4__UVLnfZtV4TW-fMgmv0bvbh_6etkYrXuTCn3jbDrB6uLSNvZf4KVfbHFjMcZCo0gHbojqqMePJbYU7NPC8ToJJ9tQGcfGOr5BDKJif2qxqexLtcTqsx4vjiU06O7Da8nxyl8BPEw6-c-wFecT97O2A10uLRrJJzk-cFjRp3LuccKizUVh1krAbrpQyryxLdcE6YYeWEwYUr2gv_txu6_R8ada6cF1r3gP6hjUIeItg7SdCmnRJ2nPv0tVinJekTtlHr_AGQIO52XF_y_ew8oQUNL3gb1u54sfM4Z7KzsmB5AK0i0rwoMONKNyZPNe4sJP-ryUzhf_fuL5mvd4vMkCMl33-luEy6LNt2ctlTQwUVDVsESBOY__skz2XCzEPV1X4_21BtIO6ljL9fupPLkPn9vT75B0leq5r1U6wzatLWsPJjUiB-W-DNYmC-ccRUjuTSn_PVw4uciS8wmjflAQ_HB4rvZt_aNShROeyvlKVZDBJHaRuIY1jOhTifJFx03BDJ3yAGvI6A0ywH19A7O0y9HcJ6twcQR0Kw1JZbbXxMqY65933CMD9zbXFaNKYp4DwDB-GoLDPWB98kx1zuJj-08STaQ-3yypHU3PsF23sgVWngijkL_URKFJwYLo2Mzq13GcT9qP6mi0jeJ1bxD_U8L_uI37CWxTLy_81cKrl7NiOXSl7CT-spHPOIJe5QTpQjFF-Z3e_4suCdj9mEUuQUmtTgQaJy7yVS9wvdkzqBuhfPe2ePpyP8sjRMUTnKs3ONNtU0sbACVwY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 18:07:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r4---sn-4g5edndl.c.2mdn.net/videoplayback/id/fe261be97a163411/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3810453843/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame D262 282 KB
0 65ms
38ms Media
video/mp4 2a00:1450:4001:18::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:18::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

expires: Wed, 19 Oct 2022 18:07:59 GMT
date: Wed, 19 Oct 2022 18:07:59 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-3172674/3172675
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3172675
last-modified: Mon, 17 Oct 2022 11:22:27 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98AF 0
20 B 243ms
242ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bw6cx_jxQY5rbMoPjxgKTwofABAAAAAA4AeAEAg&bg=!rq2lrenNAAYeOJy_Pjg7ACkAdvg8WsCqVTw80OOBAkqx7pZxHnMLAr9qL8VkpSU4F11orB7b_czZ3wIAAABmUgAAAANoAQcKABp-o6aCq2wosfYMcUOvZznlCg58OeHgB3T8vJkC08C2px5YX6dbNRVa17g2faZC-pHCdvOFqxAsacCnqcWZPECub-yDvthj0_AKxOQ_SogIANe_07wGtXpQ9G5kFpL7GDshhkiEhdvAPIcyXi5HbXvGnsLAXTMfXSy2cH6YXQU0vECBFErM76j-rraQrAyCbsF6LE2GgII6YEU1zTktuI7DAzopIGoEW0_eA8u0yMGrupLORhtcjS0SeLb22Glae7sjbSZBwfS_s3jtv2DhP42qqDIizt1yINY0Rb8HtOx4eptE3_lj5GPkUPV-M1EeOMbLwtsCEnyh5Nq3qTx1_NrJ_GxrbEbHsG66qz3akXUvgaNoGs565mDZtqQj_bywlBeLNgsP8tD81-pTiNO8ODi0zLXZ0RWKG3sAtlm9NFOD64Qsicfm9Js09tBDFmpyfkXT40GNc60RZ8nJw-vi2-jBvJ5vcXtsx-rA3YNCgdPqp6S2eJUeGM1jjQpWFE8m9WB8nvORzygIsG9DbkpQcaUWwY5ReP1C1c1ns1vKcT9esHvTG5h6UrLOz2N8fu4vQXGKTLfZHv1at-d_43Mgq0lkxQxQsr3ksZSKkdmtGKc6EmL3KtLfIxXYhp21IhediroVEj-tucd1PqmZlJA0NeexH4zp_AFRHXAl-FKqq0k1em8dQYgIBn4cQFaGs7BOKqw_e5K6DvA2jxoNv74h4CNY-vd1e5Aztg8ZW9yP6qWyrOBn59tUQKerAXNMGMEzXcV9LB_W-In69Fe3Zi_VhRuX7xYmDMScLacCS6-xNwy1JD6RQVy0EsXsT4-mqZWz7EkrMkbvNAG_Ck05PtyIvetEbAGwWrP-JUIeDhfYzYEBooPzmdeRLzMxM7ShzqKmOp4VFQY3TTdG6KiC625ivR232m4O1Y_THAnV6aPH3kIC0Mk9QftUdaG2AQznREtl2I_HK2NrvEq5j0veUxQ9_Jnq_1F7aI08hjgwxpNBjB3RrQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 18:07:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D1A0 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-AG5mMAB1BdpD4fg9uOPKSEAaUkr2bVXnWMSxlAmwuhlRIj1vo6fIdQIAOIvjT1Hm7b70LQk0SBzE9ASAWt9ZmlIBNIXRvlyR3PLZUX_jUom6oSmjnPJCH_09Q37rnpcnofNMdQ&sai=AMfl-YRau2Qy4UQ1iV712JJhuu9HSNivXgpC6tETT5cDZWQzjWmy3QRDQPQlJHtm7PH_Mlr0Rm821py7yFSlY8jKibjE0Z8Wav_9OFqUByGKkg4b8LJpczFJzAjlUWfjAw&sig=Cg0ArKJSzEcX7AUiOyUJEAE&cid=CAQSOwDq26N97yWfv2lRQZ0IW2n45zR-lb8EL7pJmUHyR1hhMYALYUFDMVUgPVrDmOsKg4Zrs5LR7MO4BwgRGAEgDg&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=798,1000,1000,1000,1000&tos=798,202,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666202878343&rpt=511&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 18:07:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame D262 0
54 B 338ms
36ms Ping
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l9fy69do&c=1215366532988&slotId=607683266494&qqid=CJrwlbXx7PoCFbcOswAd85YD7A&fb=outstream-lima&gpm_i=8&gpm_c=8&gpm_a=8&smb=1000&br=852&mt=video%2Fmp4&vs=720x720&ulv=1&cll=0&vast_v=2.0&vmfc=10&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=346&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 18:08:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.outlookiniciarsesion.com/	1970-01-20 08:59:38	Name: _fbp Value: fb.1.1666202875543.2010498937
.outlookiniciarsesion.com/	1970-01-20 16:11:38	Name: __gads Value: ID=6ce0871236e144fc-22e89d174ace0048:T=1666202875:RT=1666202875:S=ALNI_MY4GkiCY1KPLyUyr5RU3vCSMppQmg
.outlookiniciarsesion.com/	1970-01-20 16:11:38	Name: __gpi Value: UID=00000b758996dd9b:T=1666202875:RT=1666202875:S=ALNI_MYsxGqlg7uGlYkvBVzWZ1nNowtkLQ
.doubleclick.net/	1970-01-20 16:11:38	Name: IDE Value: AHWqTUlKXqAW3i9fPaYnpBIffa2DlQnQlPRwg9iTyhuuMS6XJmHmdAJT-3aFNlecJZs
.doubleclick.net/	1970-01-20 06:50:06	Name: DSID Value: NO_DATA
.outlookiniciarsesion.com/	1969-12-31 23:59:59	Name: __utmc Value: 268507503
.outlookiniciarsesion.com/	1970-01-20 11:12:50	Name: __utmz Value: 268507503.1666202877.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.outlookiniciarsesion.com/	1970-01-20 06:50:03	Name: __utmt Value: 1
.outlookiniciarsesion.com/	1970-01-20 16:26:02	Name: __utma Value: 268507503.459509821.1666202876.1666202876.1666202876.1
.outlookiniciarsesion.com/	1970-01-20 06:50:04	Name: __utmb Value: 268507503.1.10.1666202877

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
app.envialosimple.com
bid.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
draft.blogger.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
r4---sn-4g5edndl.c.2mdn.net
resources.blogblog.com
s0.2mdn.net
ssl.google-analytics.com
static.doubleclick.net
suitcom.com.ar
tpc.googlesyndication.com
www.blogger.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.outlookiniciarsesion.com
172.217.18.2
173.194.76.154
200.58.122.108
2606:4700:3036::ac43:c78f
2606:4700::6812:acf
2a00:1450:4001:18::9
2a00:1450:4001:801::200a
2a00:1450:4001:801::200e
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:806::2001
2a00:1450:4001:806::2008
2a00:1450:4001:806::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2006
2a00:1450:4001:810::2001
2a00:1450:4001:813::2006
2a00:1450:4001:827::2003
2a00:1450:4001:827::2013
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:4001:831::2009
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
08feb6c7ce3d347d741c038844d50d8bc8e895a38ca59861fb46f3a531c2c333
092f0eb5e169f957cf9b81dc0d41ab42dd49e4ac3769308f9d2ab49edaf4527d
0d3346b5ccb38c16cdc5ace14f265f9e60bbb2dd38652b375547e47c00302b6d
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
1bc710a8cf6037b9c9e085e7bd71d5bd87619371a96ed017249f3068195b2a30
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f675fe46d39357c1af24f477d109a6dba8f548e134c05ee813bd9fafadd9113
21e057372a96679c80cce6d20774b77699906574b4b303719fd149b273f48e80
22a99d5bb05fcf553b2949937ff834428a00d6b5846663364f99e22848f11f19
25104ab3fd6fc6bf33f61e0521336fca5e898c49a76a1265cf01be9fc747b6d1
288536942edd2d9002fff4b7d9085f331ff73ea9cd24653e78e6a17ea09c5a0d
2a7f3d2c238784e955c2426069e8764f35cdbd3a88b5e06e1120a196d119e72d
2a9d6bb2c139e0a647fd81fd27ec5e5604c12b527ea25fa39ab5b972a88bcc67
2c884a5d1652fba65b3ce99b98377f24752519730bbc48a5dbe2e8904c36bc44
2caf6b43a26403bc0656b68607a3f178d300e9fe38c0963ebabe211001c92791
2d52560a0b97222a18a95c89256d89765d3d821699eebc14213d531c2a93adb5
311d6e0a623475d73c35b2a61232ef0621db876a120cf7069721cb04f06ad003
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
37512059e7516519ceed7ba00ca5d7523cc5d15ca922435b692ac3678bad5496
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
38b64cc14b9729f7f940791680967901ca67f5eccfe7c3f1afdf01bdf5030841
38ba9bd69a8f6114511656eed8cf0f4e3d45d9e2c9aa0a22fb978d5da5ac250b
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
3bc0f37f0a76de996a8c92161a9db8a6cf70a4e1c369d1985fa88c996711d428
3c59cbbd7debdc7a8932a065d5437b2da45762d84070b180d47e861fe1efbf78
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4937fa1d1364f7cf9801e72b6a00d5db7de44b3d2ad08f1bc5760cd42623e428
4939a698168291f25d166323aa16cbe45e1ea55c6162bc286ec963e2617efefa
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4c96d5751aaa09789f95efb94f8e0ac29867c2feb3f66ffe346fa7939cc29cf4
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
510d71bfae8484c59b9b3bd6064b3edd0348bb79b3b448bc1093bc7a73265b6a
512d81252cf7a28724b3b36326433b93c5979de856071513f7a5caf4c788768b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5a51333c0c44393c2563dedf27b2b2e4723ab968dd6e4641053291126b890cf6
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6363ae3512eb57d501c15a5a5bd491f0b243f4791149b5ca91ad2db8cb92fd66
67553df3c0b2841ffec7c7c5c2409ca8c52c59b6f2ab35feb9ec5b2eda21d6b2
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6918d18e7ae5ddef561b97436bde3bf5c15c42cc34c2d0e5da9298ac98e9f54b
6c7422a9c15b9c96f542187ad5163d70c87a911d204ee418ea214e063d728f4d
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
6fceb75f7716695456bb6c0ea0a92c301ea514de326ddc38ff302461f531de99
70b5fa02edfe0c1e078e5c4e4c13b7b6ec568fc911243b4fa4745c43e92355ba
77a62b06795d46e4cae3f79a810b2c5c7ffb8311740dbe0a0ab1660df2db6c95
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84bc47b5f76bdfc7bf77fadfee3cf0df2820e1d30ec525ea9ee58838b5afe34e
8a091a670b6bf03510fc7a1b3c74a417c4a8c8937f7fb0c9a1517a95bdd7ab18
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8dbee482f4cd458aa85600537ae0bdf16742d2bb655219f5e4cc7d3dc47f2011
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
90defcba4f65a3eb64ff25ea5db6eafbca1f5ae67029947f75025f12dea239cf
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
943e4f596c022417a21200f6789eda7d05328e8837b3b63c858fe54275801165
961ee3bbccecf78f17bfa4f495b26d863973ed9ea82ae53b33134fa7f355bc76
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
993fa03dedb014a3258eaa2f2daf1ea69dd48c8fdebb5e6da75bbf957db4d602
a1eff1158003db882d67f234f3e663ec04950e4e2768be43b6ae9774bb15d8a0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8a31ea7f57b84a9fc7cc7d9377858df48be40cc4ac89a9f73b6e762e3072362
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad94efbf484d1cbb81a4850f812a896de86a5253aa9c68d2ebbf7e8012247dfc
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b05e6af7dcb9d62777e32c55dbc5ba779662b4f8a107ed13afb3a8aba2bb169e
b1bfe9f4caf77b08666a335fca51bb9e3be136f84852e249bef6b42b2e4a5eac
b470c33b85c220a8319c249bdf407654e70e8c49ada332b37249e27a0e7cbfd4
b5b7440eb01b4db530c8b12650e39b4a3bfb1b49b7518c76b08bb6e8b8434a2f
b73264c0c90d138f73a32bc6543eda4662c2f3a495749027f766f020a3ab1a27
b8a711f600337ceaca0ddcd4c45f9c5169211493b662c6410990477b75f380af
b916fa6539644143cbc7d5f686eabc1039c85d327fdfe47bbdc1361f4cb357cf
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3427786f019f31a5c0cfcb59fa2d60d0beab67281fbc80fbff73c20d867aa55
c6692cfc51d2625a25430efb54bbae2738a27b1dee4ed7e4d3e9ea66cf8e4d56
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
cfe89a996bfa1eca6c65adb2bd273ca5bc46ea1a9e3a5bb2275e0e51f879f511
db2136e4db2916abf279925757a082f59eaa074b19f09d41611c77444024315b
dbcea4c587b951f5e0e92f5a7634fb956e4a236343ee219ff986e4f3dbb571cc
e1c73848fb40c5eaa260ca12670dcc3496839f5ad335596bc7d54d139938c830
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec74b3278b3a952dd642d33120b74f75ec33a97b807496bd1d9330e441c3ac53
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f67f1e8d785318377117163c461d3a94e841f49b08c4eca901a6bde9a969d74c
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f883c02f5e51309adc988838964a86ad7ff4414043793eac21b49412feec6794
f8a0417ed308d219bbf069e77f243964ebca50c3d8ea3c099b16aa46257e713c
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb
fd4166a69eaa2d6cf37f33cb021cda0767429283b038db80e64e4fdd7adac908
fdb15d3515b18bc0a0d7d368944ebd99a05e865c53c82d9a39e038ca52fb1c4d
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

www.outlookiniciarsesion.com Open in urlscan Pro 2a00:1450:4001:827::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

182 Requests

98 %HTTPS

89 %IPv6

19 Domains

34 Subdomains

28 IPs

3 Countries

2684 kBTransfer

6445 kBSize

10 Cookies

8 Outgoing links

Page URL History

Redirected requests

182 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.outlookiniciarsesion.com Open in urlscan Pro
2a00:1450:4001:827::2013 Public Scan

Screenshot
Live screenshot

Full Image

182
Requests

98 %
HTTPS

89 %
IPv6

19
Domains

34
Subdomains

28
IPs

3
Countries

2684 kB
Transfer

6445 kB
Size

10
Cookies

182 HTTP transactions
9 data transactions