192-168-1-1ip.biz Open in urlscan Pro
2606:4700:3030::ac43:8156 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://routerlogin.life/
Effective URL:
https://192-168-1-1ip.biz/
Submission: On September 05 via automatic, source certstream-suspicious (September 5th 2021, 1:03:03 am UTC)

Summary HTTP 84 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 16 domains to perform 84 HTTP transactions. The main IP is 2606:4700:3030::ac43:8156, located in United States and belongs to CLOUDFLARENET, US. The main domain is 192-168-1-1ip.biz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.

This is the only time 192-168-1-1ip.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3030::6815:1376	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3036::ac43:a756	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3030::ac43:8156	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::ac43:992e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
15	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3 8	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 2	80.239.201.86 80.239.201.86	1299 (TELIANET ...) (TELIANET Telia Carrier)
19	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
3 4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
84	19

1 2606:4700:3030::6815:1376 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

routerlogin.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:a756 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

19216811.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3030::ac43:8156 (United States)

ASN13335 (CLOUDFLARENET, US)

192-168-1-1ip.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:992e (United States)

ASN13335 (CLOUDFLARENET, US)

cookieinfoscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.239.201.86 (Sweden) 1 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 80-239-201-86.teliacarrier-cust.com

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)

track.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	453 KB
15	doubleclick.net googleads.g.doubleclick.net	121 KB
8	yandex.ru 3 redirects mc.yandex.ru	3 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	116 KB
6	google.com 3 redirects adservice.google.com www.google.com	1 KB
5	googletagservices.com www.googletagservices.com	175 KB
5	192-168-1-1ip.biz 192-168-1-1ip.biz	64 KB
4	googleapis.com ajax.googleapis.com fonts.googleapis.com	35 KB
2	webvisor.org 1 redirects mc.webvisor.org	432 B
2	google.de adservice.google.de	1018 B
1	seadform.net track.seadform.net
1	googleadservices.com partner.googleadservices.com	662 B
1	jsdelivr.net cdn.jsdelivr.net	83 KB
1	cookieinfoscript.com cookieinfoscript.com	4 KB
1	19216811.site 1 redirects 19216811.site	579 B
1	routerlogin.life 1 redirects routerlogin.life	567 B
84	16

	Domain	Requested by
19	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	192-168-1-1ip.biz pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	mc.yandex.ru	3 redirects 192-168-1-1ip.biz cdn.jsdelivr.net
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	192-168-1-1ip.biz	192-168-1-1ip.biz
4	www.google.com	3 redirects tpc.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	mc.webvisor.org	1 redirects 192-168-1-1ip.biz
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	track.seadform.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.jsdelivr.net	192-168-1-1ip.biz
1	cookieinfoscript.com	192-168-1-1ip.biz
1	ajax.googleapis.com	192-168-1-1ip.biz
1	19216811.site	1 redirects
1	routerlogin.life	1 redirects
84	20

This site contains links to these domains. Also see Links.

Domain
192.168.1.1
192.168.0.1
wikipedia.org
cookieinfoscript.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
mc.webvisor.com Yandex CA	`2021-08-20` - `2022-02-11`	6 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.seadform.net DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-03`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://192-168-1-1ip.biz/
Frame ID: D7F150240EE02BBB195B31FF5A88C867
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html
Frame ID: 738A9CEABE5AEE666A6284FBC0F8F3BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762061&bpp=15&bdt=138&idt=257&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&correlator=1232110595924&frm=20&pv=2&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zkzjYExXlf&p=https%3A//192-168-1-1ip.biz&dtd=281
Frame ID: A8543576AB17E342C9631618E9DC20E1
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762076&bpp=2&bdt=152&idt=278&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pL1bZE6eLh&p=https%3A//192-168-1-1ip.biz&dtd=302
Frame ID: 919671AB74555281A90F907128B1F22B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=600&slotname=8089993801&adk=99382339&adf=3234323087&pi=t.ma~as.8089993801&w=240&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762078&bpp=2&bdt=154&idt=311&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1059&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rrZYB7lSdF&p=https%3A//192-168-1-1ip.biz&dtd=320
Frame ID: 135EA8AACCF94EE292AF4714031E9F24
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&adk=1812271804&adf=3025194257&lmt=1629061041&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F192-168-1-1ip.biz%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762110&bpp=3&bdt=186&idt=296&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280%2C240x600&nras=1&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=308
Frame ID: 8FB5632FDF101E49141CBF704C570E8A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 9C7CA90CA52529B9DE31E7BD4889CF4E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 0F930EF2445A40CA86C82627E788B929
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: E4176B9F26670EA9E998A687348ED553
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sPFK_utnHoJbThnSSnWKQb5GMqY7ForsYhsB2_mMG84.js
Frame ID: EB50B2CC701F663012FA9D6B7F8B3C19
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sPFK_utnHoJbThnSSnWKQb5GMqY7ForsYhsB2_mMG84.js
Frame ID: 80DEF1ABD313F0140ADACB2478AFF233
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sPFK_utnHoJbThnSSnWKQb5GMqY7ForsYhsB2_mMG84.js
Frame ID: 66921268E733546391551BB478737EF9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1
Frame ID: 794AFFA750EF2DF5C84E4C07A330DDA0
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sPFK_utnHoJbThnSSnWKQb5GMqY7ForsYhsB2_mMG84.js
Frame ID: 466FD7065754DFC5482101A5C63D40FE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 370C0A7B68C2C09A77D5706A33334CBB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C62D16CD71F514C866552C85C93BAFAA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

192.168.1.1 - 192.168.1.1 Login Admin

Page URL History Show full URLs

https://routerlogin.life/ HTTP 301
https://19216811.site/ HTTP 301
https://192-168-1-1ip.biz/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

84
Requests

100 %
HTTPS

85 %
IPv6

16
Domains

20
Subdomains

19
IPs

5
Countries

1055 kB
Transfer

2582 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://192.168.1.1/
Title: 192.168.1.1

Search URL Search Domain Scan URL

URL: http://192.168.0.1/
Title: 192.168.0.1

Search URL Search Domain Scan URL

URL: http://wikipedia.org/wiki/HTTP_cookie
Title: More info

Search URL Search Domain Scan URL

URL: https://cookieinfoscript.com/
Title: cookie script

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://routerlogin.life/ HTTP 301
https://19216811.site/ HTTP 301
https://192-168-1-1ip.biz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A513%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A2%3Adp%3A0%3Als%3A342470572502%3Ahid%3A596616457%3Az%3A120%3Ai%3A20210905030242%3Aet%3A1630803762%3Ac%3A1%3Arn%3A37248893%3Au%3A1630803762175095233%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1630803761575%3Ads%3A10%2C17%2C40%2C1%2C277%2C0%2C%2C119%2C3%2C%2C%2C%2C468%3Adsn%3A11%2C17%2C40%2C1%2C277%2C0%2C%2C121%2C3%2C%2C%2C%2C469%3Awv%3A2%3Ati%3A2%3Ast%3A1630803762 HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A513%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A2%3Adp%3A0%3Als%3A342470572502%3Ahid%3A596616457%3Az%3A120%3Ai%3A20210905030242%3Aet%3A1630803762%3Ac%3A1%3Arn%3A37248893%3Au%3A1630803762175095233%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1630803761575%3Ads%3A10%2C17%2C40%2C1%2C277%2C0%2C%2C119%2C3%2C%2C%2C%2C468%3Adsn%3A11%2C17%2C40%2C1%2C277%2C0%2C%2C121%2C3%2C%2C%2C%2C469%3Awv%3A2%3Ati%3A2%3Ast%3A1630803762

Request Chain 12

https://mc.yandex.ru/watch/52385854?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A513%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A521924747612%3Ahid%3A596616457%3Az%3A120%3Ai%3A20210905030242%3Aet%3A1630803762%3Ac%3A1%3Arn%3A164904445%3Au%3A1630803762175095233%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1630803761575%3Ads%3A10%2C17%2C40%2C1%2C277%2C0%2C%2C119%2C3%2C%2C%2C%2C468%3Adsn%3A11%2C17%2C40%2C1%2C277%2C0%2C%2C121%2C3%2C%2C%2C%2C469%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630803762%3At%3A192.168.1.1%20-%20192.168.1.1%20Login%20Admin HTTP 302
https://mc.yandex.ru/watch/52385854/1?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A513%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A521924747612%3Ahid%3A596616457%3Az%3A120%3Ai%3A20210905030242%3Aet%3A1630803762%3Ac%3A1%3Arn%3A164904445%3Au%3A1630803762175095233%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1630803761575%3Ads%3A10%2C17%2C40%2C1%2C277%2C0%2C%2C119%2C3%2C%2C%2C%2C468%3Adsn%3A11%2C17%2C40%2C1%2C277%2C0%2C%2C121%2C3%2C%2C%2C%2C469%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630803762%3At%3A192.168.1.1%20-%20192.168.1.1%20Login%20Admin

Request Chain 23

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9386.-oPmKWjf5CAWA4rWCE2EJJO6KKuGVR2HkuS6HZTyGTZQR3wCXDzVbWMt5wFeLBsK.LVRPN8xDDvKhJWcERE5FJfeiqjI%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=9386.Qk6FxbR6mLImm7YBT3Ri9wC-ebKDfSem_tr0lm1zHKzJlSkqvAraVCQ9lyh7dCSuJpA2TD5atQKVtHQaXdwrIA%2C%2C.K38RMRo9lgSwMgx40J0LCxz82OU%2C

Request Chain 56

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 61

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 63

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

84 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
192-168-1-1ip.biz/
Redirect Chain

https://routerlogin.life/
https://19216811.site/
https://192-168-1-1ip.biz/

27 KB
7 KB

68ms
40ms

Document
text/html

2606:4700:3030::ac43:8156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://192-168-1-1ip.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4af6c5be83e60f66720912d58ce0d120048de1fa2e0635865dcbd3b520ea42a4

Request headers

:method: GET
:authority: 192-168-1-1ip.biz
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 01:02:41 GMT
content-type: text/html
last-modified: Sun, 15 Aug 2021 20:57:21 GMT
cache-control: max-age=604800
expires: Sun, 12 Sep 2021 01:02:41 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3d4UqShigYe1PYq2v4xY%2F0Q2GsWNAVGYccE5oHCaWr%2FcgOpAobx2YGzjMpdWlUt5nw7hRl5bqPp47QmEOL1tkOFb%2FHnbx09HWUl93yO9D26ed%2BI5Jt2SLgt3ngLIQkNJb416LYgvn7LjC652T5BtkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 689b8897bf97177a-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date: Sun, 05 Sep 2021 01:02:41 GMT
content-type: text/html; charset=UTF-8
location: https://192-168-1-1ip.biz/
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B01Mo%2Bc62cnkBdTAkmAw2yvKM9%2FYf4rZ5HwTiWT%2FNoX2if%2FH9jtX%2BHTL1XR%2FC0w1flse%2FOM7Wmw0lzcu70iXmi47brt4aj4ZPYJrXBiPW%2FDUYb4f%2BXrFimpC2MJLpBLWY%2BSLrRKaAGay%2Fgz5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 689b8896ebc05c6e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 style.css
192-168-1-1ip.biz/css/ 68 KB
13 KB 37ms
21ms Stylesheet
text/css 2606:4700:3030::ac43:8156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://192-168-1-1ip.biz/css/style.css
Requested by: Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db75d162abd392db5a46dbe77d85ecc104286c6792766ae9c0327fb95a481033

Request headers

:path: /css/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 192-168-1-1ip.biz
referer: https://192-168-1-1ip.biz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 01:02:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1507273
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 18 Aug 2021 13:05:51 GMT
server: cloudflare
etag: W/"1113d-5c9d517f989c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9jghVGmBZT1vKSj08h5LkrdkcJT0mqa1QskVfTgAkizo7VyIgkp0sXdmZdm5jYED8Ywu%2F4uJHuoPHUmH6XhiwgfcczfiGEA6B41ICZCeB%2B4xdPvVnwyafE1UmtbA9v6egV%2BIC8yoKTCMSh%2FQarWug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 689b88982ab32c42-FRA
expires: Fri, 17 Sep 2021 14:21:28 GMT

GET
H3-29 200 logo.png
192-168-1-1ip.biz/img/ 19 KB
20 KB 43ms
26ms Image
image/png 2606:4700:3030::ac43:8156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://192-168-1-1ip.biz/img/logo.png
Requested by: Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 853241b51a6732b0f482495bf748e64bbcf1468c98c9858f2416d266a0ff02d9

Request headers

:path: /img/logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 192-168-1-1ip.biz
referer: https://192-168-1-1ip.biz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 01:02:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1507273
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 19405
last-modified: Fri, 15 May 2020 02:50:21 GMT
server: cloudflare
etag: "4bcd-5a5a6dfc5f540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24mFFxXDvCkR3iDoaL5tU0bv%2Btw6Msnq9TJvKfnQO6LuiMzXb4rQ4eTNAU66NdAf6soMADx5pUO3utqA65G5Zw8ngfGGEcEEUgXhaabktGZz4fS0BJKOJ%2FtkckUBwvwv8gxYnzsMG9MjRF8EDYeidQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 689b88982ab42c42-FRA
expires: Thu, 18 Aug 2022 14:21:28 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 71ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44d9ff83d6cf89e1fff49d694dd418b13059f6dd62e135b8a2ce7cec8db9f08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 01:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49529
x-xss-protection: 0
server: cafe
etag: 827984926263973901
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 05 Sep 2021 01:02:41 GMT

GET
H3-29 200 icon.png
192-168-1-1ip.biz/img/ 20 KB
20 KB 30ms
15ms Image
image/png 2606:4700:3030::ac43:8156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://192-168-1-1ip.biz/img/icon.png
Requested by: Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3f90ac82323da5d89e35ce6c87d828faddd812998d3b8a80a1a0575c5f66c0d

Request headers

:path: /img/icon.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 192-168-1-1ip.biz
referer: https://192-168-1-1ip.biz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 01:02:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1507273
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 20329
last-modified: Fri, 15 May 2020 02:50:21 GMT
server: cloudflare
etag: "4f69-5a5a6dfc5f540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WiN%2BUTrKI0dkJioPRByCrTaC5AeH7%2FIgWp6o3VHAcoPuP%2FBN3tJwMeDVHIowIrbjMzQw%2F4J0N%2FMGJbSO9TWY7KF%2FeXdLX7q28HgTyw46ti%2BzaB8KKZ9io5LFEWX6%2Fju%2BP87gpBKfKi05Z1yoMOmDsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 689b88982ab22c42-FRA
expires: Thu, 18 Aug 2022 14:21:28 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
33 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 08:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Sep 2022 08:39:48 GMT

GET
H3-29 200 script.js Show response
192-168-1-1ip.biz/js/ 8 KB
3 KB 30ms
14ms Script
application/javascript 2606:4700:3030::ac43:8156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://192-168-1-1ip.biz/js/script.js
Requested by: Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d54a5a814659b7cbb39a54a2e91f41a1f2d47029b8a673b9e0eae702df4e78f3

Request headers

:path: /js/script.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 192-168-1-1ip.biz
referer: https://192-168-1-1ip.biz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 01:02:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 296356
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 15 May 2020 02:50:22 GMT
server: cloudflare
etag: W/"1fce-5a5a6dfd53780-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDZjF0AwpGzZu%2Fm0%2F3%2FP0HabIAZmAAIg1GveT6oHgkqcM1l9YlJ%2BlzkLgt%2B1QObpJYV1QnyNVBPKwQlQq33OpwmNFZmo2xpwJb4uAH0bY%2Fy4DrKUN%2BclTrIusVhInlQhj3LJg0IyE0Ck4LUBLbE4cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 689b88982ab12c42-FRA
expires: Wed, 08 Sep 2021 14:43:25 GMT

GET
H2 200 cookieinfo.min.js Show response
cookieinfoscript.com/js/ 7 KB
4 KB 53ms
21ms Script
application/x-javascript 2606:4700:3031::ac43:992e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cookieinfoscript.com/js/cookieinfo.min.js
Requested by: Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:992e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ab31a97c236988bb6e415187b2197cdbf689664173015dffd6da8eb96b1626f

Request headers

Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 01:02:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5415
x-amz-meta-cb-modifiedtime: Wed, 07 Apr 2021 11:38:58 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 6FZAM1364E2BV84G
x-amz-id-2: +Uhlf5OUoVQ5xFl26ru3QJIN8Q2TaB/GZHt1NWs2sCynlXAyIfWOeCU/H17Ts5pLUVeqfjdmw+o=
last-modified: Wed, 07 Apr 2021 11:39:17 GMT
server: cloudflare
etag: W/"d15d93068c1121f63008407d339bd819"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMYPgp6Rg6IIHKVmtCv8Hd4%2B5f9%2BbHka%2BxfhFKRKo3iBEe2FbX0Iv%2B8fbVywwFE%2BVtxJE%2FaTu7Qan0Mn0RB2EBBJgjgVERfy8o1i7EPOzhF9IudycEovwx7QmrUrLI7WPlpyj%2BsV0QoXU%2BnR9Gu5LJY69Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=2678400
cf-ray: 689b88983ce9c2d1-FRA

GET
H2 200 tag.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 225 KB
83 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Requested by

Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

002a64158974851604a71c0ac7f1a06c2f0eb3a51606253d2453470b96913e90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 38495
x-jsd-version: 1.200.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 84891
etag: W/"38267-GoUqGcV31N0wgqs4xWqW/uok+bU"
x-served-by: cache-fra19147-FRA
x-jsd-version-type: version
date: Sun, 05 Sep 2021 01:02:42 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/ 250 KB
93 KB 45ms
31ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8702107765465423&plah=192-168-1-1ip.biz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb658d8af264091d320d32e952cb1756ea0145c2f6497b182a39e7ce4e466653

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 01:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95178
x-xss-protection: 0
server: cafe
etag: 9330497266985682447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 05 Sep 2021 01:02:42 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/ Frame 738A 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210831/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://192-168-1-1ip.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://192-168-1-1ip.biz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 04 Sep 2021 16:11:58 GMT
expires: Sat, 18 Sep 2021 16:11:58 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 31844
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A513%3Afu%3A0%3Aen%3Autf-8%3...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A513%3Afu%3A0%3Aen%3Autf-8%...

147 B
238 B

50ms
48ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A513%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A2%3Adp%3A0%3Als%3A342470572502%3Ahid%3A596616457%3Az%3A120%3Ai%3A20210905030242%3Aet%3A1630803762%3Ac%3A1%3Arn%3A37248893%3Au%3A1630803762175095233%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1630803761575%3Ads%3A10%2C17%2C40%2C1%2C277%2C0%2C%2C119%2C3%2C%2C%2C%2C468%3Adsn%3A11%2C17%2C40%2C1%2C277%2C0%2C%2C121%2C3%2C%2C%2C%2C469%3Awv%3A2%3Ati%3A2%3Ast%3A1630803762

Requested by

Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

29c7ff572995507d61dd9f4b0407f1f9ce82aec0accf3c1d79116064213a5680

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Sep 2021 01:02:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 05-Sep-2021 01:02:42 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://192-168-1-1ip.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 147
x-xss-protection: 1; mode=block
expires: Sun, 05-Sep-2021 01:02:42 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Sep 2021 01:02:42 GMT
last-modified: Sun, 05-Sep-2021 01:02:42 GMT
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A513%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A2%3Adp%3A0%3Als%3A342470572502%3Ahid%3A596616457%3Az%3A120%3Ai%3A20210905030242%3Aet%3A1630803762%3Ac%3A1%3Arn%3A37248893%3Au%3A1630803762175095233%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1630803761575%3Ads%3A10%2C17%2C40%2C1%2C277%2C0%2C%2C119%2C3%2C%2C%2C%2C468%3Adsn%3A11%2C17%2C40%2C1%2C277%2C0%2C%2C121%2C3%2C%2C%2C%2C469%3Awv%3A2%3Ati%3A2%3Ast%3A1630803762
strict-transport-security: max-age=31536000
access-control-allow-origin: https://192-168-1-1ip.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 05-Sep-2021 01:02:42 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/52385854/
Redirect Chain

https://mc.yandex.ru/watch/52385854?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A513%3Afu%3A0%3Aen%3Autf-8%3Ala...
https://mc.yandex.ru/watch/52385854/1?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A513%3Afu%3A0%3Aen%3Autf-8%3A...

330 B
365 B

49ms
49ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/52385854/1?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A513%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A521924747612%3Ahid%3A596616457%3Az%3A120%3Ai%3A20210905030242%3Aet%3A1630803762%3Ac%3A1%3Arn%3A164904445%3Au%3A1630803762175095233%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1630803761575%3Ads%3A10%2C17%2C40%2C1%2C277%2C0%2C%2C119%2C3%2C%2C%2C%2C468%3Adsn%3A11%2C17%2C40%2C1%2C277%2C0%2C%2C121%2C3%2C%2C%2C%2C469%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630803762%3At%3A192.168.1.1%20-%20192.168.1.1%20Login%20Admin

Requested by

Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

d493ae04af81562d0f81e0deaf1cc2f3991f35ccaa427d4de1e9161fdea6cd2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Sep 2021 01:02:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 05-Sep-2021 01:02:42 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://192-168-1-1ip.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 330
x-xss-protection: 1; mode=block
expires: Sun, 05-Sep-2021 01:02:42 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Sep 2021 01:02:42 GMT
last-modified: Sun, 05-Sep-2021 01:02:42 GMT
location: /watch/52385854/1?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A513%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A521924747612%3Ahid%3A596616457%3Az%3A120%3Ai%3A20210905030242%3Aet%3A1630803762%3Ac%3A1%3Arn%3A164904445%3Au%3A1630803762175095233%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1630803761575%3Ads%3A10%2C17%2C40%2C1%2C277%2C0%2C%2C119%2C3%2C%2C%2C%2C468%3Adsn%3A11%2C17%2C40%2C1%2C277%2C0%2C%2C121%2C3%2C%2C%2C%2C469%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1630803762%3At%3A192.168.1.1%20-%20192.168.1.1%20Login%20Admin
strict-transport-security: max-age=31536000
access-control-allow-origin: https://192-168-1-1ip.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 05-Sep-2021 01:02:42 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
165 B 48ms
47ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 01:02:42 GMT
last-modified: Thu, 26 Aug 2021 15:39:16 GMT
etag: "6127a958-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 05 Sep 2021 02:02:42 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 207 B
662 B 167ms
57ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=192-168-1-1ip.biz&callback=_gfp_s_&client=ca-pub-8702107765465423

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8702107765465423&plah=192-168-1-1ip.biz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e9b65f42a0bbfc16f3b484b802c00f5bb94a6c8d3723d375f43edb032af9b927

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 01:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 41ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=192-168-1-1ip.biz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 05 Sep 2021 01:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
317 B 15ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=192-168-1-1ip.biz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 05 Sep 2021 01:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A854 77 KB
26 KB 524ms
510ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762061&bpp=15&bdt=138&idt=257&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&correlator=1232110595924&frm=20&pv=2&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zkzjYExXlf&p=https%3A//192-168-1-1ip.biz&dtd=281

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d48b72c6e4560164947092942b4011ff3cfedc5ecaba19162a4ac8861cc2105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762061&bpp=15&bdt=138&idt=257&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&correlator=1232110595924&frm=20&pv=2&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zkzjYExXlf&p=https%3A//192-168-1-1ip.biz&dtd=281
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://192-168-1-1ip.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://192-168-1-1ip.biz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 05 Sep 2021 01:02:42 GMT
server: cafe
content-length: 26604
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 05-Sep-2021 01:17:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 05 Sep 2021 01:02:42 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 51ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 01:02:42 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496339498273"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27562
x-xss-protection: 0
expires: Sun, 05 Sep 2021 01:02:42 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9196 82 KB
28 KB 516ms
516ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762076&bpp=2&bdt=152&idt=278&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pL1bZE6eLh&p=https%3A//192-168-1-1ip.biz&dtd=302

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6a8ef76937a7df0865f1ee1a2019312ffd2d5bbedac547a3dcf395a2b6083cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762076&bpp=2&bdt=152&idt=278&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pL1bZE6eLh&p=https%3A//192-168-1-1ip.biz&dtd=302
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://192-168-1-1ip.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://192-168-1-1ip.biz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 05 Sep 2021 01:02:42 GMT
server: cafe
content-length: 28388
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 05-Sep-2021 01:17:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 05 Sep 2021 01:02:42 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 135E 65 KB
25 KB 471ms
470ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=600&slotname=8089993801&adk=99382339&adf=3234323087&pi=t.ma~as.8089993801&w=240&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762078&bpp=2&bdt=154&idt=311&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1059&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rrZYB7lSdF&p=https%3A//192-168-1-1ip.biz&dtd=320

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

547830d1b69a5236d2652e0f233f9475b4ab94a2b37653c1f66e618d88ea1eef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8702107765465423&output=html&h=600&slotname=8089993801&adk=99382339&adf=3234323087&pi=t.ma~as.8089993801&w=240&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762078&bpp=2&bdt=154&idt=311&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1059&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rrZYB7lSdF&p=https%3A//192-168-1-1ip.biz&dtd=320
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://192-168-1-1ip.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://192-168-1-1ip.biz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 05 Sep 2021 01:02:42 GMT
server: cafe
content-length: 24897
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 05-Sep-2021 01:17:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 05 Sep 2021 01:02:42 GMT
cache-control: private

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 18ms
14ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F192-168-1-1ip.biz%2F&tn=DIV&cls=cookieinfo&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Sep 2021 01:02:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8FB5 118 KB
33 KB 682ms
682ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&adk=1812271804&adf=3025194257&lmt=1629061041&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F192-168-1-1ip.biz%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762110&bpp=3&bdt=186&idt=296&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280%2C240x600&nras=1&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=308

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85039a238feaf4d0564e6ba6c8336787fbb0a5afbbb2cfc98d2f94065be9e881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8702107765465423&output=html&adk=1812271804&adf=3025194257&lmt=1629061041&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F192-168-1-1ip.biz%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762110&bpp=3&bdt=186&idt=296&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280%2C240x600&nras=1&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=308
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://192-168-1-1ip.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://192-168-1-1ip.biz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 05 Sep 2021 01:02:43 GMT
server: cafe
content-length: 33992
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 05-Sep-2021 01:17:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 05 Sep 2021 01:02:43 GMT
cache-control: private

GET
H2

400

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9386.-oPmKWjf5CAWA4rWCE2EJJO6KKuGVR2HkuS6HZTyGTZQR3wCXDzVbWMt5wFeLBsK.LVRPN8xDDvKhJWcERE5FJfeiqjI%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=9386.Qk6FxbR6mLImm7YBT3Ri9wC-ebKDfSem_tr0lm1zHKzJlSkqvAraVCQ9lyh7dCSuJpA2TD5atQKVtHQaXdwrIA%2C%2C.K38RMRo9lgSwMgx40J0LCxz82OU%2C

75 B
75 B

83ms
83ms

Image
text/html

80.239.201.86
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=9386.Qk6FxbR6mLImm7YBT3Ri9wC-ebKDfSem_tr0lm1zHKzJlSkqvAraVCQ9lyh7dCSuJpA2TD5atQKVtHQaXdwrIA%2C%2C.K38RMRo9lgSwMgx40J0LCxz82OU%2C

Requested by

Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

80.239.201.86 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),

Reverse DNS

80-239-201-86.teliacarrier-cust.com

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 01:02:42 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=9386.Qk6FxbR6mLImm7YBT3Ri9wC-ebKDfSem_tr0lm1zHKzJlSkqvAraVCQ9lyh7dCSuJpA2TD5atQKVtHQaXdwrIA%2C%2C.K38RMRo9lgSwMgx40J0LCxz82OU%2C
date: Sun, 05 Sep 2021 01:02:42 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 18285271241776982511
tpc.googlesyndication.com/simgad/ Frame 135E 100 KB
101 KB 9ms
7ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18285271241776982511?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkwSzkP0Mswp2KvpEErm3jrZk4l-w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=600&slotname=8089993801&adk=99382339&adf=3234323087&pi=t.ma~as.8089993801&w=240&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762078&bpp=2&bdt=154&idt=311&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1059&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rrZYB7lSdF&p=https%3A//192-168-1-1ip.biz&dtd=320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a6fbf910e9852a7f17904d34f6d1c2a04b9ed799c9e3590f97fa168b1f941e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 08:16:21 GMT
x-content-type-options: nosniff
age: 146781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102865
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 09:07:20 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 08:16:21 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/ Frame 135E 18 KB
8 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 00:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1768
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 00:33:14 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 135E 2 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 00:52:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 00:52:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 135E 122 KB
37 KB 59ms
45ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 01:02:42 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Sun, 05 Sep 2021 01:02:42 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 135E 14 KB
6 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 01:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 01:00:02 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 135E 26 KB
11 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

331c8dbc087f677d4eca8035d19626c0662a712b95d0d78bbeba05b7c3bbe7dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 19:42:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10845
x-xss-protection: 0
server: cafe
etag: 14737611871312058204
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Sep 2021 19:42:25 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 135E 0
0 19ms
18ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4kYKMhc0YaqRGZbl-gaR64aYCs6huvVk-c64l9kO2tkeEAEgopm0SmCVAqAB8YP9lQPIAQKoAwHIA8kEqgS8AU_Qln5JG5wEcNgTUMepq48Zrt48byTqyMFr9H3TixHNhdLtw6A9ijhWMDu2RoTxsiWlmp8xjNS5pI0fZ8iM-YWSTfqsD8qKuBGbzrm7LQ3c4JCvRxmbjuvHVPCBfVc-8otmudorNt7d_dj3CmxRtrCOwevPIC7oXNz-WM_viX-Tx6UB5gdS01QHFNJ-anMVwbfy2UO5Ajz2ZGJuIFxXy_buhUqcjyPxoCCqqblqSsBzHkq_za2kdB1kR2PcwATHpYKp2QOSBQQIBBgBkgUECAUYBKAGAoAHhZK1aqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwHyBwQQrOMF0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTg3MDIxMDc3NjU0NjU0MjMYAA&sigh=cVsCQfzaNl4

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=600&slotname=8089993801&adk=99382339&adf=3234323087&pi=t.ma~as.8089993801&w=240&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762078&bpp=2&bdt=154&idt=311&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1059&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rrZYB7lSdF&p=https%3A//192-168-1-1ip.biz&dtd=320
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 05 Sep 2021 01:02:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 05 Sep 2021 01:02:42 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A854 3 KB
674 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762061&bpp=15&bdt=138&idt=257&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&correlator=1232110595924&frm=20&pv=2&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zkzjYExXlf&p=https%3A//192-168-1-1ip.biz&dtd=281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 04 Sep 2021 23:33:06 GMT
server: ESF
date: Sun, 05 Sep 2021 01:02:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Sep 2021 01:02:42 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame A854 1 KB
857 B 23ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 00:51:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 697
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 00:51:05 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/ Frame A854 18 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 00:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1768
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 00:33:14 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame A854 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 00:52:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 00:52:59 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame A854 14 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 00:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 00:58:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A854 122 KB
37 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 01:02:42 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Sun, 05 Sep 2021 01:02:42 GMT

GET
H2 200 550517e8bc13b6c9510094b6b7001d9c.js Show response
www.gstatic.com/mysidia/ Frame A854 26 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/550517e8bc13b6c9510094b6b7001d9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5469740595a44003b8884f40783d63ac3c9b57e1a00ad6f29c4fff55153717de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10776
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 17:32:58 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Dec 2021 11:21:09 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame A854 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWSIUMhc0YbqCF9aLx_APwfir2A-17Pb4ZNSr8YWGDuiqtpWLAxABIKKZtEpglQKgAZKZq_wCyAEBqAMByAPLBKoEugFP0FKiJ8Cm-BZwdDKQo_KsodTvq7DsV8NRhTb4NISdi8i-hRkTeZHnhAYUzRBV7XcfYmzSiexYcXrFpitJVtxfm_-iS6Ugi_KtBihVMrtrGm9aTyoCjl-RkoDtIrocB0CUDgGRYeMKNhHxmmOhjpbkTMtjDwiLEYWjs2KjEjEORP-2N-xAsaSOG8ORBmghFzmz0XwUKKKiJ-PLJ3BF6P5fYFoOoIhyObyQDtMU8rYQMI-JneNNhasIWVLABOm-jo7LA5IFBAgEGAGSBQQIBRgEgAfW5tSDAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwHyBwUQ9qmAA9IICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04NzAyMTA3NzY1NDY1NDIzGAA&sigh=JuSriA-EszQ

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762061&bpp=15&bdt=138&idt=257&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&correlator=1232110595924&frm=20&pv=2&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zkzjYExXlf&p=https%3A//192-168-1-1ip.biz&dtd=281
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 05 Sep 2021 01:02:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9C7C 143 B
163 B 8ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=600&slotname=8089993801&adk=99382339&adf=3234323087&pi=t.ma~as.8089993801&w=240&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762078&bpp=2&bdt=154&idt=311&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1059&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rrZYB7lSdF&p=https%3A//192-168-1-1ip.biz&dtd=320
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlcV8PCoU1k1XQGMQXf5t8ogYDKY98vj1e4xIk8j4nv9KRSOYKsJ0uzQYWNrHA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=600&slotname=8089993801&adk=99382339&adf=3234323087&pi=t.ma~as.8089993801&w=240&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762078&bpp=2&bdt=154&idt=311&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1059&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rrZYB7lSdF&p=https%3A//192-168-1-1ip.biz&dtd=320

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 05 Sep 2021 00:57:38 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 css
fonts.googleapis.com/ Frame 9196 3 KB
578 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762076&bpp=2&bdt=152&idt=278&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pL1bZE6eLh&p=https%3A//192-168-1-1ip.biz&dtd=302

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 04 Sep 2021 23:21:21 GMT
server: ESF
date: Sun, 05 Sep 2021 01:02:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Sep 2021 01:02:42 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0F93 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762061&bpp=15&bdt=138&idt=257&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&correlator=1232110595924&frm=20&pv=2&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zkzjYExXlf&p=https%3A//192-168-1-1ip.biz&dtd=281
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlcV8PCoU1k1XQGMQXf5t8ogYDKY98vj1e4xIk8j4nv9KRSOYKsJ0uzQYWNrHA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762061&bpp=15&bdt=138&idt=257&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&correlator=1232110595924&frm=20&pv=2&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=zkzjYExXlf&p=https%3A//192-168-1-1ip.biz&dtd=281

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 05 Sep 2021 00:57:38 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 305
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 9196 1 KB
857 B 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762076&bpp=2&bdt=152&idt=278&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pL1bZE6eLh&p=https%3A//192-168-1-1ip.biz&dtd=302

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 00:51:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 00:51:05 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/ Frame 9196 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762076&bpp=2&bdt=152&idt=278&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pL1bZE6eLh&p=https%3A//192-168-1-1ip.biz&dtd=302

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 00:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1769
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 00:33:14 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 9196 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762076&bpp=2&bdt=152&idt=278&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pL1bZE6eLh&p=https%3A//192-168-1-1ip.biz&dtd=302

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 00:52:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 00:52:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9196 122 KB
37 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762076&bpp=2&bdt=152&idt=278&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pL1bZE6eLh&p=https%3A//192-168-1-1ip.biz&dtd=302

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 01:02:43 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Sun, 05 Sep 2021 01:02:43 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 9196 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762076&bpp=2&bdt=152&idt=278&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pL1bZE6eLh&p=https%3A//192-168-1-1ip.biz&dtd=302

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 00:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 00:58:00 GMT

GET
H3-29 200 550517e8bc13b6c9510094b6b7001d9c.js Show response
www.gstatic.com/mysidia/ Frame 9196 26 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/550517e8bc13b6c9510094b6b7001d9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762076&bpp=2&bdt=152&idt=278&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pL1bZE6eLh&p=https%3A//192-168-1-1ip.biz&dtd=302

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5469740595a44003b8884f40783d63ac3c9b57e1a00ad6f29c4fff55153717de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10776
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 17:32:58 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Dec 2021 11:21:09 GMT

GET
DATA 200
OK truncated
/ Frame A854 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c74e9aa7c449d9bc85e3db6f54b75b87ddc5e5d7a9d00287730e4bff538d015e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 135E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d97426daa2230b87b267328b0d7b0d25c34fd28ac37a495a7fa79b70c828246

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame A854 21 KB
21 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 18:10:03 GMT
x-content-type-options: nosniff
age: 283960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 18:10:03 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame A854 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 18:10:03 GMT
x-content-type-options: nosniff
age: 283960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 18:10:03 GMT

GET
H2 200 /
track.seadform.net/adfserve/ Frame 9196 35 B
0 169ms
49ms Fetch
image/gif 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.seadform.net/adfserve/?bn=39974101;1x1inv=1;srctype=3;ord=3736456147

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762076&bpp=2&bdt=152&idt=278&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pL1bZE6eLh&p=https%3A//192-168-1-1ip.biz&dtd=302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Sep 2021 01:02:43 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9196 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRSmcMhc0Yf2IGIa8gQfmk4ToDIed3oxk8pvAgJ0NipqDsegOEAEgopm0SmCVAqAByOTXigPIAQGpArfO9ogf7rM-qAMByAPLBKoEvwFP0Pdw4rBSe9XgjK921YulKqQ1W8DKqK4AKHeJ7w8zcF_et4fJRbdK-052yTdDFcv6xvkng_Nt8LrXbsunyorn7xp57iBSkTY1i8gqvJ-V94DUzYDeYk6ThzRP00WGjQzqmeDv4Bf0141Qc5kOrTvdse6UJ8rHgGGmmyUxXqFHiKAar9prkzfLq7aWcvn56Hfda3MiNdzwg94E_iaLYC_SYauO-vGvpDoGFzEp--H8k1XKLOFdklTRoUNnS8FlmcAErbWc8q0DkgUECAQYAZIFBAgFGASAB6CbqHWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcB8gcFEJXB3wHSCAkIgOGAEBABGB-ACgHICwHYEw2IFAbQFQGYFgGAFwGyFxwKGggAEhRwdWItODcwMjEwNzc2NTQ2NTQyMxgA&sigh=q9WGVCOLbqc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762076&bpp=2&bdt=152&idt=278&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pL1bZE6eLh&p=https%3A//192-168-1-1ip.biz&dtd=302

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762076&bpp=2&bdt=152&idt=278&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pL1bZE6eLh&p=https%3A//192-168-1-1ip.biz&dtd=302
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 05 Sep 2021 01:02:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E417 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762076&bpp=2&bdt=152&idt=278&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pL1bZE6eLh&p=https%3A//192-168-1-1ip.biz&dtd=302

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762076&bpp=2&bdt=152&idt=278&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pL1bZE6eLh&p=https%3A//192-168-1-1ip.biz&dtd=302
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlcV8PCoU1k1XQGMQXf5t8ogYDKY98vj1e4xIk8j4nv9KRSOYKsJ0uzQYWNrHA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762076&bpp=2&bdt=152&idt=278&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pL1bZE6eLh&p=https%3A//192-168-1-1ip.biz&dtd=302

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 05 Sep 2021 00:57:38 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 305
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9196 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e36cdec35dcf1e15f4cdc88d49fffff520a7de0c33a0c77d15d733c0f483fe4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9C7C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlcV8PCoU1k1XQGMQXf5t8ogYDKY98vj1e4xIk8j4nv9KRSOYKsJ0uzQYWNrHA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 05 Sep 2021 01:02:43 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 05-Sep-2021 02:02:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 05 Sep 2021 01:02:43 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 05 Sep 2021 01:02:43 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 9196 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 18:10:03 GMT
x-content-type-options: nosniff
age: 283960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 18:10:03 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 9196 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 18:10:03 GMT
x-content-type-options: nosniff
age: 283960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 18:10:03 GMT

GET
H3-29 200 sPFK_utnHoJbThnSSnWKQb5GMqY7ForsYhsB2_mMG84.js Show response
pagead2.googlesyndication.com/bg/ Frame EB50 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sPFK_utnHoJbThnSSnWKQb5GMqY7ForsYhsB2_mMG84.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0f14afeeb671e825b4e19d24a758a41be4632a63b168aec621b01dbf98c1bce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 23:26:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13254
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 23:26:27 GMT

GET
H3-29 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/ 145 KB
52 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/reactive_library_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50f36dfa6fece434e88e474d214553f6dc1972a8b05f4cdcc3db65890644bd7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 01:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53147
x-xss-protection: 0
server: cafe
etag: 6967682741169739163
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Sep 2021 01:02:43 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0F93
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

18ms
14ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlcV8PCoU1k1XQGMQXf5t8ogYDKY98vj1e4xIk8j4nv9KRSOYKsJ0uzQYWNrHA; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 05 Sep 2021 01:02:43 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 05-Sep-2021 02:02:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 05 Sep 2021 01:02:43 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 05 Sep 2021 01:02:43 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sPFK_utnHoJbThnSSnWKQb5GMqY7ForsYhsB2_mMG84.js Show response
pagead2.googlesyndication.com/bg/ Frame 80DE 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sPFK_utnHoJbThnSSnWKQb5GMqY7ForsYhsB2_mMG84.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0f14afeeb671e825b4e19d24a758a41be4632a63b168aec621b01dbf98c1bce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 23:26:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13254
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 23:26:27 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E417
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762076&bpp=2&bdt=152&idt=278&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pL1bZE6eLh&p=https%3A//192-168-1-1ip.biz&dtd=302

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlcV8PCoU1k1XQGMQXf5t8ogYDKY98vj1e4xIk8j4nv9KRSOYKsJ0uzQYWNrHA; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 05 Sep 2021 01:02:43 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 05-Sep-2021 02:02:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 05 Sep 2021 01:02:43 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 05 Sep 2021 01:02:43 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sPFK_utnHoJbThnSSnWKQb5GMqY7ForsYhsB2_mMG84.js Show response
pagead2.googlesyndication.com/bg/ Frame 6692 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sPFK_utnHoJbThnSSnWKQb5GMqY7ForsYhsB2_mMG84.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630803762076&bpp=2&bdt=152&idt=278&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=1232110595924&frm=20&pv=1&ga_vid=1554970311.1630803762&ga_sid=1630803762&ga_hid=305810358&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1561521728657334&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pL1bZE6eLh&p=https%3A//192-168-1-1ip.biz&dtd=302

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0f14afeeb671e825b4e19d24a758a41be4632a63b168aec621b01dbf98c1bce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 23:26:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13254
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 23:26:27 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=192-168-1-1ip.biz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 05 Sep 2021 01:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=192-168-1-1ip.biz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 05 Sep 2021 01:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/ Frame 794A 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://192-168-1-1ip.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlcV8PCoU1k1XQGMQXf5t8ogYDKY98vj1e4xIk8j4nv9KRSOYKsJ0uzQYWNrHA; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://192-168-1-1ip.biz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 04 Sep 2021 07:45:50 GMT
expires: Sat, 18 Sep 2021 07:45:50 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 62213
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 css
fonts.googleapis.com/ Frame 794A 2 KB
602 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

64ca58417fa9726bfbf28f7f71e3f1c69be4ba3aecd87d1b13f6c9b429c76518

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 04 Sep 2021 23:41:12 GMT
server: ESF
date: Sun, 05 Sep 2021 01:02:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Sep 2021 01:02:43 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 794A 1 KB
857 B 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 00:51:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 00:51:05 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/ Frame 794A 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 00:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1769
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 00:33:14 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 794A 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 00:52:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 00:52:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 794A 122 KB
37 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 01:02:43 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Sun, 05 Sep 2021 01:02:43 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 794A 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 00:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Sep 2021 00:58:00 GMT

GET
H3-29 200 8b8c639f95e935c054a6465040a495ee.js Show response
www.gstatic.com/mysidia/ Frame 794A 26 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 08:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10883
x-xss-protection: 0
last-modified: Fri, 03 Sep 2021 02:45:39 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Dec 2021 08:10:46 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 37ms
18ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210831&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74a71eafbdbe3b57026fb4901e2090196eb435ff941ae164473c4a602f4078ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 05 Sep 2021 01:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8515
x-xss-protection: 0

GET
H3-29 200 sPFK_utnHoJbThnSSnWKQb5GMqY7ForsYhsB2_mMG84.js Show response
pagead2.googlesyndication.com/bg/ Frame 466F 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sPFK_utnHoJbThnSSnWKQb5GMqY7ForsYhsB2_mMG84.js

Requested by

Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0f14afeeb671e825b4e19d24a758a41be4632a63b168aec621b01dbf98c1bce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 23:26:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13254
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 23:26:27 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 01:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sun, 05 Sep 2021 01:02:44 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 370C 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://192-168-1-1ip.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://192-168-1-1ip.biz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sat, 04 Sep 2021 23:40:19 GMT
expires: Sun, 04 Sep 2022 23:40:19 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4945
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C62D 783 B
539 B 18ms
18ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

362f85885e2adf72733421df1ced27bc67b2ae01e33eab1c93703fa18d81295b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-x7LPRzdfWrZkDGfIi66NQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://192-168-1-1ip.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://192-168-1-1ip.biz/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 05 Sep 2021 01:02:44 GMT
date: Sun, 05 Sep 2021 01:02:44 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-x7LPRzdfWrZkDGfIi66NQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sPFK_utnHoJbThnSSnWKQb5GMqY7ForsYhsB2_mMG84.js Show response
pagead2.googlesyndication.com/bg/ Frame 370C 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sPFK_utnHoJbThnSSnWKQb5GMqY7ForsYhsB2_mMG84.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0f14afeeb671e825b4e19d24a758a41be4632a63b168aec621b01dbf98c1bce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 23:26:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13254
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 23:26:27 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 135E 42 B
64 B 17ms
17ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCxK0fiYAr6ZHnklMDWxahROYdMEtdBfhaR2cSxBmn_WAFs6BpOnrdaDpdPlz_fOKENRxF5MbNH7DXFqn9Siw6mZVW9qxolnjeIPW0CNcMg1X2s0WIyWhxfGvUjw&sai=AMfl-YRWW0axhTh8UVItd4J_QvDZupZVJ2q1bR_g_ASsD8oTMS41roLEa8u_5N0fUsZyr-0jpeUvKq9LdogL&sig=Cg0ArKJSzHpJL9d4H36pEAE&id=lidar2&mcvt=1003&p=443,1059,923,1299&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20210901&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=99382339&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630803762399&rpt=706&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Sep 2021 01:02:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 32ms
32ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210831&jk=1561521728657334&bg=!zs2lzYnNAAYJpm41CaY7ACkAdvg8WiJ4E5t01acDuNVvZlUBUjxuOiE-UwWj0gD4DtWHQrIBwNyghgIAAACTUgAAAApoAQcKAK3UzYYTLPwmrH_sq6zJYHQ0pvsxOQiPGVn6K08SEkb8xacMLnARUiKE7VVDT-a-x1khQEqZ5h3mT6fLQPBaAEp2JKEv2CEjFc8dFRK8jFo0OYvycd9tGFAbpMXh3w2lrZ8vTzwYDU_3aOI8bGWFv775a3NAoq1OUzi2sBwJiK-tJ1LoUp-ADZoKV49Usl_TMeLrXjQGrqYRolEs8V4n3id0xNk3unS0yb9Sune_h5kCeoHjJyeDvUmOPqZjVGM68Tt_2cRzppxRCCRzl5zDvlp4zq18PhjvnF-YPjjlp9q84dUWoJLfndRzaPXnWbfNb5bpfVHx8KFzP0V7KExPav8wQ8drRrtr49vrQd0fxaoDOgcwa9w8qm9ebe7cTt_HpGZ1A8ojeKZS4ncs3wnEy1IAcIqj_irZS7Lla0cNRkSCEAjptJAtayhyuLY7gvtTYzrc19EW9kOleFOly-u3AZNfeV9iIBfs8KOoNhvn6AafjKQ4gGbtLj9ojT0Hh3eOY8VZ0G85hyMBoTL_zXY4he1U-Vyk6QeC7JLADXUtq_PuLCYcUSC-qXFqb9UTTaKee9UwgQqETNkLe4zuxOYlP4QWqmFm604aQfh2VAQ4v22SYmH6iC0JwuRinqXHMAmGGKBusARBUdq0UtNp-INw7j3ZJ06drG-ne0LzQ0O64hXKwsqrkumLqhjT5fPSEfbCzFaVFjG8qEH-WK7VD9xndZYpTQFsE25wKko1f86iEwJL2A0qMieXyUnuUnGmlV1vz2RdGmUXCHydXkOP6PJIvHQD9tinplXxWXADR3LjhdSJgerx47wVSthPtNsAAIGOa-40GLw2r3WDbdQyIyp2cb9meX4Bl2sBNfLXPADbsBMBAv4suu-x7XprutgBCF47-oJzKMCCrt_SOsiF5L2ZGNLEvAbWNuACy0YwqBq9HBb4wLuHQYhYN-qxrZMKojxs3C3VZvy22oQxfC5DjcRTMhWruZ5er_8LFcK9fqMFvtgCTVSWP5finp2mfb4o85aoy8qOdJuKYKw_NkzsP15b-g8RSscisL_0EShqDjHNnMn6yl2bYrKhGxkQ4Sg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A854 42 B
64 B 17ms
17ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvG57RS5lK_vMD2YWyTkh8T4Q4IYiGhYCsQN-SEOWUvirJpk44LS0lJL42Vavd_XeRsnk_6_1t6htgDA1svr4QlZbElq2qNDnt7_C4b0W4KiueLtgooZqc717Jicw&sai=AMfl-YSaEnzcLNKPBZ7mzkuKUlvH6q_VthQkEm66kiTW669d75A1vFgLdD-O2sPWMIu_xFYT17_VWJP7lRaP&sig=Cg0ArKJSzJHIwJH4Vyz8EAE&id=lidar2&mcvt=1000&p=101,301,381,1299&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210901&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=457981418&rs=2&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630803762343&rpt=986&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Sep 2021 01:02:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9196 42 B
64 B 17ms
16ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrtog7EwByiyki-fH0mzz_QFKvszPNfuN3ps8pT21JqDugVaZ5dIimLltI4zMsr0hyJX3IOxYBWuHd4FJYrdhwqtidNySgKi0hRJBUhAmmwqmcrIEllj0lnvjuWg&sai=AMfl-YQ4i185SlXGZ967eeNVQrlUMEqig1z4iq87WJUq6rOgsDMwAW9hOKn7GrbNc6JLhznzbzwWvRgktRwp&sig=Cg0ArKJSzJrqK1GP3cFAEAE&id=lidar2&mcvt=1000&p=812,301,1092,987&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210901&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3319425727&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630803762380&rpt=1208&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Sep 2021 01:02:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 52385854 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 184ms
95ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/52385854?wmode=0&wv-part=1&wv-hit=596616457&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&rn=572335973&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1630803765%3Aw%3A1600x1200%3Av%3A631%3Az%3A120%3Ai%3A20210905030244%3Au%3A1630803762175095233%3Avf%3A25rt5xw53ficqveir9%3Awe%3A1%3Ati%3A2%3Ast%3A1630803765

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Sep 2021 01:02:45 GMT
last-modified: Sun, 05-Sep-2021 01:02:45 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://192-168-1-1ip.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 05-Sep-2021 01:02:45 GMT

POST
H2 200 52385854 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 135ms
48ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/52385854?wmode=0&wv-part=1&wv-hit=596616457&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&rn=717980440&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1630803765%3Aw%3A1600x1200%3Av%3A631%3Az%3A120%3Ai%3A20210905030244%3Au%3A1630803762175095233%3Avf%3A25rt5xw53ficqveir9%3Awe%3A1%3Ati%3A2%3Ast%3A1630803765

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://192-168-1-1ip.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Sep 2021 01:02:45 GMT
last-modified: Sun, 05-Sep-2021 01:02:45 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://192-168-1-1ip.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 05-Sep-2021 01:02:45 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 21:00:07	Name: DSID Value: NO_DATA
.192-168-1-1ip.biz/	1970-01-19 21:01:15	Name: _ym_isad Value: 2
.doubleclick.net/	1970-01-19 21:00:04	Name: test_cookie Value: CheckForPermission
.192-168-1-1ip.biz/	1970-01-19 21:00:05	Name: _ym_visorc Value: w
.doubleclick.net/	1970-01-20 06:21:39	Name: IDE Value: AHWqTUlcV8PCoU1k1XQGMQXf5t8ogYDKY98vj1e4xIk8j4nv9KRSOYKsJ0uzQYWNrHA
.192-168-1-1ip.biz/	1970-01-20 06:21:39	Name: __gads Value: ID=f07496433bc75cb2-22a248f972ca0092:T=1630803762:RT=1630803762:S=ALNI_MZJhqnc1r1HETl9_ycRj2akAIZ8Cg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

192-168-1-1ip.biz
19216811.site
adservice.google.com
adservice.google.de
ajax.googleapis.com
cdn.jsdelivr.net
cookieinfoscript.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.webvisor.org
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
routerlogin.life
tpc.googlesyndication.com
track.seadform.net
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.185.130
2606:4700:3030::6815:1376
2606:4700:3030::ac43:8156
2606:4700:3031::ac43:992e
2606:4700:3036::ac43:a756
2a00:1450:4001:802::2002
2a00:1450:4001:810::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a02:6b8::1:119
2a04:4e42:3::485
37.157.6.241
80.239.201.86
002a64158974851604a71c0ac7f1a06c2f0eb3a51606253d2453470b96913e90
0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467
0a6fbf910e9852a7f17904d34f6d1c2a04b9ed799c9e3590f97fa168b1f941e8
0ab31a97c236988bb6e415187b2197cdbf689664173015dffd6da8eb96b1626f
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
29c7ff572995507d61dd9f4b0407f1f9ce82aec0accf3c1d79116064213a5680
2e36cdec35dcf1e15f4cdc88d49fffff520a7de0c33a0c77d15d733c0f483fe4
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
331c8dbc087f677d4eca8035d19626c0662a712b95d0d78bbeba05b7c3bbe7dc
362f85885e2adf72733421df1ced27bc67b2ae01e33eab1c93703fa18d81295b
3d97426daa2230b87b267328b0d7b0d25c34fd28ac37a495a7fa79b70c828246
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
4af6c5be83e60f66720912d58ce0d120048de1fa2e0635865dcbd3b520ea42a4
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50f36dfa6fece434e88e474d214553f6dc1972a8b05f4cdcc3db65890644bd7a
5469740595a44003b8884f40783d63ac3c9b57e1a00ad6f29c4fff55153717de
547830d1b69a5236d2652e0f233f9475b4ab94a2b37653c1f66e618d88ea1eef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
64ca58417fa9726bfbf28f7f71e3f1c69be4ba3aecd87d1b13f6c9b429c76518
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
74a71eafbdbe3b57026fb4901e2090196eb435ff941ae164473c4a602f4078ad
7d48b72c6e4560164947092942b4011ff3cfedc5ecaba19162a4ac8861cc2105
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
85039a238feaf4d0564e6ba6c8336787fbb0a5afbbb2cfc98d2f94065be9e881
853241b51a6732b0f482495bf748e64bbcf1468c98c9858f2416d266a0ff02d9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
b0f14afeeb671e825b4e19d24a758a41be4632a63b168aec621b01dbf98c1bce
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c44d9ff83d6cf89e1fff49d694dd418b13059f6dd62e135b8a2ce7cec8db9f08
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c74e9aa7c449d9bc85e3db6f54b75b87ddc5e5d7a9d00287730e4bff538d015e
cb658d8af264091d320d32e952cb1756ea0145c2f6497b182a39e7ce4e466653
d3f90ac82323da5d89e35ce6c87d828faddd812998d3b8a80a1a0575c5f66c0d
d493ae04af81562d0f81e0deaf1cc2f3991f35ccaa427d4de1e9161fdea6cd2b
d54a5a814659b7cbb39a54a2e91f41a1f2d47029b8a673b9e0eae702df4e78f3
db75d162abd392db5a46dbe77d85ecc104286c6792766ae9c0327fb95a481033
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b65f42a0bbfc16f3b484b802c00f5bb94a6c8d3723d375f43edb032af9b927
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6a8ef76937a7df0865f1ee1a2019312ffd2d5bbedac547a3dcf395a2b6083cb

192-168-1-1ip.biz Open in urlscan Pro 2606:4700:3030::ac43:8156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

84 Requests

100 %HTTPS

85 %IPv6

16 Domains

20 Subdomains

19 IPs

5 Countries

1055 kBTransfer

2582 kBSize

6 Cookies

4 Outgoing links

Page URL History

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

192-168-1-1ip.biz Open in urlscan Pro
2606:4700:3030::ac43:8156 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

100 %
HTTPS

85 %
IPv6

16
Domains

20
Subdomains

19
IPs

5
Countries

1055 kB
Transfer

2582 kB
Size

6
Cookies

84 HTTP transactions
4 data transactions