safe.paltycox.com Open in urlscan Pro
172.217.23.115 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://safe.paltycox.com/
Submission: On September 17 via automatic, source certstream-suspicious (September 17th 2021, 2:26:01 pm UTC) — Scanned from DE

Summary HTTP 48 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 13 domains to perform 48 HTTP transactions. The main IP is 172.217.23.115, located in United States and belongs to GOOGLE, US. The main domain is safe.paltycox.com.
TLS certificate: Issued by GTS CA 1D4 on July 22nd 2021. Valid for: 3 months.

This is the only time safe.paltycox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	172.217.23.115 172.217.23.115	15169 (GOOGLE) (GOOGLE)
4	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
3	216.58.212.161 216.58.212.161	15169 (GOOGLE) (GOOGLE)
1	142.250.74.202 142.250.74.202	15169 (GOOGLE) (GOOGLE)
1	104.16.18.94 104.16.18.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
12	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	142.250.186.105 142.250.186.105	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
14	142.250.186.142 142.250.186.142	15169 (GOOGLE) (GOOGLE)
2	142.250.74.193 142.250.74.193	15169 (GOOGLE) (GOOGLE)
1	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
48	15

3 172.217.23.115 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f19.1e100.net

safe.paltycox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

cdn.statically.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.161 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f1.1e100.net

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.105 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f9.1e100.net

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	google.com adservice.google.com fundingchoicesmessages.google.com www.google.com	120 KB
9	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	181 KB
5	doubleclick.net googleads.g.doubleclick.net	10 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com	106 KB
3	blogspot.com 3.bp.blogspot.com 2.bp.blogspot.com	151 KB
3	paltycox.com safe.paltycox.com	16 KB
2	rawgit.com cdn.rawgit.com	5 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	googleadservices.com partner.googleadservices.com	661 B
1	blogger.com www.blogger.com	99 KB
1	cloudflare.com cdnjs.cloudflare.com	2 KB
1	googleapis.com ajax.googleapis.com	33 KB
1	statically.io cdn.statically.io	2 KB
48	13

	Domain	Requested by
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
7	pagead2.googlesyndication.com	safe.paltycox.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	maxcdn.bootstrapcdn.com	safe.paltycox.com maxcdn.bootstrapcdn.com
3	safe.paltycox.com	safe.paltycox.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	cdn.rawgit.com	safe.paltycox.com
2	3.bp.blogspot.com	safe.paltycox.com
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.blogger.com	safe.paltycox.com
1	2.bp.blogspot.com	safe.paltycox.com
1	cdnjs.cloudflare.com	safe.paltycox.com
1	ajax.googleapis.com	safe.paltycox.com
1	cdn.statically.io	safe.paltycox.com
48	17

This site contains links to these domains. Also see Links.

Domain
www.blogger.com

Subject Issuer	Validity	Valid
safe.paltycox.com GTS CA 1D4	`2021-07-22` - `2021-10-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
statically.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-17` - `2022-06-18`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
cdn.rawgit.com R3	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://safe.paltycox.com/
Frame ID: CCD3DFF7FF0127CDEF132B9006186D1C
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/zrt_lookup.html
Frame ID: C37A06352A8090ED96688924E66D6B49
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1544335238111191&output=html&h=90&slotname=5234841156&adk=3439375129&adf=694658028&pi=t.ma~as.5234841156&w=1110&fwrn=4&fwrnh=100&lmt=1612343771&rafmt=2&psa=0&format=1110x90&url=https%3A%2F%2Fsafe.paltycox.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631888754890&bpp=25&bdt=635&idt=101&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&correlator=6685257183768&frm=20&pv=2&ga_vid=936757785.1631888755&ga_sid=1631888755&ga_hid=821608125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=245&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3521798474735509&pem=748&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=48WuUBa8fv&p=https%3A//safe.paltycox.com&dtd=120
Frame ID: DBA4DF61B112BDAF08AA4DB0AF68F05B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1544335238111191&output=html&h=280&slotname=5234841156&adk=904907391&adf=1149283296&pi=t.ma~as.5234841156&w=370&fwrn=4&fwrnh=100&lmt=1612343771&rafmt=3&psa=0&format=370x280&url=https%3A%2F%2Fsafe.paltycox.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631888754915&bpp=1&bdt=660&idt=103&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x90&correlator=6685257183768&frm=20&pv=1&ga_vid=936757785.1631888755&ga_sid=1631888755&ga_hid=821608125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=245&ady=504&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3521798474735509&pem=748&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9VRokB9Ihb&p=https%3A//safe.paltycox.com&dtd=106
Frame ID: 846C4EE93AE6370B021361B7C0768457
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1544335238111191&output=html&h=280&slotname=5234841156&adk=904907391&adf=155624302&pi=t.ma~as.5234841156&w=370&fwrn=4&fwrnh=100&lmt=1612343771&rafmt=3&psa=0&format=370x280&url=https%3A%2F%2Fsafe.paltycox.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631888754916&bpp=1&bdt=661&idt=107&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x90%2C370x280&correlator=6685257183768&frm=20&pv=1&ga_vid=936757785.1631888755&ga_sid=1631888755&ga_hid=821608125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=985&ady=504&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3521798474735509&pem=748&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OZt9OyOtJZ&p=https%3A//safe.paltycox.com&dtd=110
Frame ID: 01BD4BE0A3C2AAF28369088F0311C133
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1544335238111191&output=html&adk=1812271804&adf=3025194257&lmt=1612343771&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsafe.paltycox.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631888754966&bpp=1&bdt=710&idt=63&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x90%2C370x280%2C370x280&nras=1&correlator=6685257183768&frm=20&pv=1&ga_vid=936757785.1631888755&ga_sid=1631888755&ga_hid=821608125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3521798474735509&pem=748&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=68
Frame ID: F0C1B4F6634AD25FCCEAF4A514F505FC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 677F6298BC6B5DB7F5148A77D85CB270
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0D7D0AF5F66333014BAF12B40C64B0E6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Insurance Car Auto

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

48
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

17
Subdomains

15
IPs

3
Countries

755 kB
Transfer

1558 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogger.com/profile/03596475391917418187
Title: Calon Dokter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
safe.paltycox.com/ 49 KB
13 KB 703ms
658ms Document
text/html 172.217.23.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://safe.paltycox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.115 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f19.1e100.net

Software

GSE /

Resource Hash

587d46dd419e2f30f404e3f2dd3285403be0f759d2d5667f67419a27386cc5e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: safe.paltycox.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-robots-tag: all,noodp
content-type: text/html; charset=UTF-8
expires: Fri, 17 Sep 2021 14:25:54 GMT
date: Fri, 17 Sep 2021 14:25:54 GMT
cache-control: private, max-age=0
last-modified: Wed, 03 Feb 2021 09:16:11 GMT
etag: W/"6926612c8015f13c52aefec7b85f34a7f18fa3f0fd93757feafbd313949c92b1"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 13316
server: GSE

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.5/css/ 103 KB
18 KB 96ms
63ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.5/css/bootstrap.min.css

Requested by

Host: safe.paltycox.com
URL: https://safe.paltycox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9887e1bff87730bab759289295dbae64edec691373cee7f52caf30df3de5dc96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://safe.paltycox.com/
Origin: https://safe.paltycox.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 14:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 632, 718, 718
access-control-allow-origin: *
cdn-cachedat: 2021-06-08 21:17:52
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:01 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 62e691877778feefb3ea50c3173bf765
cf-ray: 690301aa7c494125-PRG
cdn-requestcountrycode: CZ
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/ 28 KB
7 KB 53ms
25ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Requested by

Host: safe.paltycox.com
URL: https://safe.paltycox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 14:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 12732807
cdn-cachedat: 2021-04-23 07:10:52
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 9d11fb3abfab3ac6ed44cf7860f046dd
cf-ray: 690301aa6e942790-PRG
cdn-requestcountrycode: CZ
cdn-requestpullsuccess: True

GET
H2 200 safelink_paltycox.js Show response
cdn.statically.io/gh/simonpalti/safelink/main/ 4 KB
2 KB 197ms
159ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/gh/simonpalti/safelink/main/safelink_paltycox.js

Requested by

Host: safe.paltycox.com
URL: https://safe.paltycox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

statically /

Resource Hash

efdbabe0c97aba4f054748be0f9fdd8301d866814903e5ed4e23ff2617518ee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 14:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1196
x-cache: HIT, MISS
vary: Accept-Encoding
content-length: 1414
x-served-by: cache-sjc10078-SJC, cache-fra19160-FRA
server: statically
etag: W/"d4bd5ce749390439ee63695de7057ae8520d8f5f72a507995f7a2f9363b46fe0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
timing-allow-origin: *

GET
H2 200 no-thumbnail.jpg
3.bp.blogspot.com/-x_mMtgFf6XE/VlhLxwdLekI/AAAAAAAAj3c/N7fRz1lbMSg/s72-c/ 979 B
1 KB 36ms
7ms Image
image/jpeg 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-x_mMtgFf6XE/VlhLxwdLekI/AAAAAAAAj3c/N7fRz1lbMSg/s72-c/no-thumbnail.jpg

Requested by

Host: safe.paltycox.com
URL: https://safe.paltycox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

fife /

Resource Hash

11a669b2627f4897481fe7f1d6312c4237694b80b6eccb2285bc7a73d0928969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 11:13:07 GMT
x-content-type-options: nosniff
age: 11567
content-disposition: inline;filename="no-thumbnail.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 979
x-xss-protection: 0
server: fife
etag: "v8f78"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 07 Sep 2021 15:16:31 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 59ms
17ms Script
text/javascript 142.250.74.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: safe.paltycox.com
URL: https://safe.paltycox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f10.1e100.net

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 12:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 17 Sep 2022 12:54:51 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.5/js/ 44 KB
12 KB 52ms
50ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.5/js/bootstrap.min.js

Requested by

Host: safe.paltycox.com
URL: https://safe.paltycox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe5ebbe44388c9f7d1e3d2924a3ebea4d110a0c430d24ecdcf06a2eb5f610c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://safe.paltycox.com/
Origin: https://safe.paltycox.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 14:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 632, 718, 718
access-control-allow-origin: *
cdn-cachedat: 2021-06-08 21:13:42
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:02 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 40261f84e95a31ae73fd9ca5bf39a321
cf-ray: 690301aaecec4125-PRG
cdn-requestcountrycode: CZ
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bootstrap-progressbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bootstrap-progressbar/0.9.0/ 2 KB
2 KB 61ms
23ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-progressbar/0.9.0/bootstrap-progressbar.min.js

Requested by

Host: safe.paltycox.com
URL: https://safe.paltycox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d515801518c7e11900fc23bf31d9bf3a791ed6c3a71dc72f6d7cab150a74e75b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 14:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 144134
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 871
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8e-91d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efAK3zOsCi6OlgC%2F1C3apGHXJbNfQmRRmk0Ut6U1UnmdiZyMygOoEtNCLNEB7PKqjVF0j4FFLoMxm4po59OS4ibgpcrWGZGF7N6xQXEgrtKV067TcWxFfG%2FDmhzCKuyz%2Bb4c8Yib"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 690301ab2c36411a-PRG
expires: Wed, 07 Sep 2022 14:25:54 GMT

GET
H2 200 clipboard.min.js Show response
cdn.rawgit.com/zenorocha/clipboard.js/v1.5.16/dist/ 10 KB
4 KB 24ms
7ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rawgit.com/zenorocha/clipboard.js/v1.5.16/dist/clipboard.min.js

Requested by

Host: safe.paltycox.com
URL: https://safe.paltycox.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-47.cdn77.com

Software

BunnyCDN-DE1-756 /

Resource Hash

998aa3941b936267a81054e3b8f0abc27b36b2d029d87389c974795f6c633fbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 14:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 09/10/2021 06:39:24
cdn-pullzone: 201235
server: BunnyCDN-DE1-756
rawgit-cache-status: HIT
link: <https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-robots-tag: none
vary: Accept-Encoding
sunset: Tue, 01 Oct 2019 00:00:00 GMT
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=2592000
cdn-requestid: f6178798e9a1ce158664ad60235b1c9a
content-type: application/javascript; charset=utf-8
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
48 KB 59ms
36ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: safe.paltycox.com
URL: https://safe.paltycox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

bb82f2535a1048420aa245fe8c0cf9eecbdabff709f8936fb16bd3f90df5fae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 14:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49021
x-xss-protection: 0
server: cafe
etag: 400191510172805486
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 14:25:54 GMT

GET
H2 200 antiboomclickads.js Show response
cdn.rawgit.com/KompiAjaib/antibmca/master/ 916 B
1 KB 24ms
7ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rawgit.com/KompiAjaib/antibmca/master/antiboomclickads.js

Requested by

Host: safe.paltycox.com
URL: https://safe.paltycox.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-47.cdn77.com

Software

BunnyCDN-DE1-756 /

Resource Hash

803219bda73d4ffc74c435f66188c735cd4fe4ebf4dc27ec34b552c579b7d022

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 14:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 09/07/2021 22:38:32
cdn-pullzone: 201235
server: BunnyCDN-DE1-756
rawgit-cache-status: BYPASS
link: <https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-robots-tag: none
vary: Accept-Encoding
sunset: Tue, 01 Oct 2019 00:00:00 GMT
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=2592000
cdn-requestid: f5df061f6485e890d7e7dc37b445a314
content-type: application/javascript; charset=utf-8
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 city_street_night_background_wallpaper.jpg
2.bp.blogspot.com/-2lYkIBS7OtQ/WFzBt6ZZ8YI/AAAAAAAAo_M/gZ050Fys7ggZk8nqpixZdNLULgYPlMv3gCLcB/s1600/ 146 KB
147 KB 31ms
8ms Image
image/jpeg 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-2lYkIBS7OtQ/WFzBt6ZZ8YI/AAAAAAAAo_M/gZ050Fys7ggZk8nqpixZdNLULgYPlMv3gCLcB/s1600/city_street_night_background_wallpaper.jpg

Requested by

Host: safe.paltycox.com
URL: https://safe.paltycox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

fife /

Resource Hash

1bebd99191d5e72a548bf922bd47bd66428a87200e44e936c06f7bf90472fe71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 14:16:45 GMT
x-content-type-options: nosniff
age: 549
content-disposition: inline;filename="city_street_night_background_wallpaper.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 149595
x-xss-protection: 0
server: fife
etag: "va3f4"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Sep 2021 09:26:20 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/ 69 KB
69 KB 52ms
51ms Font
font/woff2 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/fonts/fontawesome-webfont.woff2?v=4.6.1

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
Origin: https://safe.paltycox.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 14:25:54 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 632, 617, 617, 617
access-control-allow-origin: *
cdn-cachedat: 2021-06-08 21:26:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 70728
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 6a3eaa2edf880dc82fbe5c26d7e415fd
accept-ranges: bytes
cf-ray: 690301aafd0d4125-PRG
cdn-requestcountrycode: CZ
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 summary Show response
safe.paltycox.com/feeds/posts/ 7 KB
2 KB 321ms
321ms Script
text/javascript 172.217.23.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://safe.paltycox.com/feeds/posts/summary?alt=json-in-script&start-index=1&max-results=3&orderby=published&callback=loadToc

Requested by

Host: safe.paltycox.com
URL: https://safe.paltycox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.115 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f19.1e100.net

Software

blogger-renderd /

Resource Hash

4e04f35af9c58b12b3f9af4211dd5711e047219dde1e8477395c25934c3f652b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/summary?alt=json-in-script&start-index=1&max-results=3&orderby=published&callback=loadToc
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: safe.paltycox.com
referer: https://safe.paltycox.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 14:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 09:16:11 GMT
server: blogger-renderd
etag: W/"536dc80ed8e0c6c32c7e7619032f4d46d137bc6c184aa0b08bcc49876b58bf1b"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 1858
x-xss-protection: 0
expires: Fri, 17 Sep 2021 14:25:55 GMT

GET
H2 200 summary Show response
safe.paltycox.com/feeds/posts/ 1 KB
846 B 344ms
344ms Script
text/javascript 172.217.23.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://safe.paltycox.com/feeds/posts/summary?alt=json-in-script&max-results=0&orderby=published&callback=loadCategories

Requested by

Host: safe.paltycox.com
URL: https://safe.paltycox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.115 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f19.1e100.net

Software

blogger-renderd /

Resource Hash

8eb95366ae46b2200fbfba946cec279cc66f4b19ad6e8d605a47e15ca653269f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/summary?alt=json-in-script&max-results=0&orderby=published&callback=loadCategories
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: safe.paltycox.com
referer: https://safe.paltycox.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 14:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 09:16:11 GMT
server: blogger-renderd
etag: W/"0d5b04c81a97f85f64e4a4815df6b3a45696b930260f24af2df52dbab4a379a1"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 726
x-xss-protection: 0
expires: Fri, 17 Sep 2021 14:25:55 GMT

GET
H2 200 2759014865-widgets.js Show response
www.blogger.com/static/v1/widgets/ 99 KB
99 KB 408ms
8ms Script
text/javascript 142.250.186.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2759014865-widgets.js

Requested by

Host: safe.paltycox.com
URL: https://safe.paltycox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f9.1e100.net

Software

sffe /

Resource Hash

c6306a4d20d09dfed75630c861155e1b9c251699dc3bb1509fa10453f5dce901

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://safe.paltycox.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 13 Sep 2021 19:51:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 Dec 2015 06:17:29 GMT
server: sffe
age: 326053
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101411
x-xss-protection: 0
expires: Tue, 13 Sep 2022 19:51:41 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/ 253 KB
94 KB 60ms
46ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e02f265a1e48c90891bf069c8ce4646c08c8ac6ce28da5340719c3f667b51c30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 14:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95713
x-xss-protection: 0
server: cafe
etag: 12079502388749246152
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 14:25:54 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/ Frame C37A 10 KB
5 KB 7ms
6ms Document
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210915/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210915/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://safe.paltycox.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 17 Sep 2021 12:36:30 GMT
expires: Fri, 01 Oct 2021 12:36:30 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 6564
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 no-thumbnail.jpg
3.bp.blogspot.com/-x_mMtgFf6XE/VlhLxwdLekI/AAAAAAAAj3c/N7fRz1lbMSg/s250/ 3 KB
3 KB 22ms
7ms Image
image/jpeg 216.58.212.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-x_mMtgFf6XE/VlhLxwdLekI/AAAAAAAAj3c/N7fRz1lbMSg/s250/no-thumbnail.jpg

Requested by

Host: safe.paltycox.com
URL: https://safe.paltycox.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.161 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f1.1e100.net

Software

fife /

Resource Hash

6a1c9ad002b50a50cb8c1cd81f2d0287078afe9f7a53cde21772a55d9d53d7dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 11:13:27 GMT
x-content-type-options: nosniff
age: 11547
content-disposition: inline;filename="no-thumbnail.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3204
x-xss-protection: 0
server: fife
etag: "v8f78"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 02 Sep 2021 04:08:25 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
661 B 65ms
24ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=safe.paltycox.com&callback=_gfp_s_&client=ca-pub-1544335238111191

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

15678939c2a0938b90f8c3065d4828eccbebfedbdabc4439299f3cbad4e7dff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 14:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 58ms
22ms Script
application/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=safe.paltycox.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Sep 2021 14:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DBA4 436 B
235 B 240ms
239ms Document
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1544335238111191&output=html&h=90&slotname=5234841156&adk=3439375129&adf=694658028&pi=t.ma~as.5234841156&w=1110&fwrn=4&fwrnh=100&lmt=1612343771&rafmt=2&psa=0&format=1110x90&url=https%3A%2F%2Fsafe.paltycox.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631888754890&bpp=25&bdt=635&idt=101&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&correlator=6685257183768&frm=20&pv=2&ga_vid=936757785.1631888755&ga_sid=1631888755&ga_hid=821608125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=245&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3521798474735509&pem=748&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=48WuUBa8fv&p=https%3A//safe.paltycox.com&dtd=120

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

796bac07d52e4edf47bc6dd088d9ea797fef5bd66229050583bcca7dead8418a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1544335238111191&output=html&h=90&slotname=5234841156&adk=3439375129&adf=694658028&pi=t.ma~as.5234841156&w=1110&fwrn=4&fwrnh=100&lmt=1612343771&rafmt=2&psa=0&format=1110x90&url=https%3A%2F%2Fsafe.paltycox.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631888754890&bpp=25&bdt=635&idt=101&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&correlator=6685257183768&frm=20&pv=2&ga_vid=936757785.1631888755&ga_sid=1631888755&ga_hid=821608125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=245&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3521798474735509&pem=748&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=48WuUBa8fv&p=https%3A//safe.paltycox.com&dtd=120
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://safe.paltycox.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 17 Sep 2021 14:25:55 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 17-Sep-2021 14:40:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 17 Sep 2021 14:25:55 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 58ms
16ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

a97000b74006f16532e2d380cbed2e3dabd80ea9b85625fcb123d96cb9a0369a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 14:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27627
x-xss-protection: 0
server: sffe
etag: "1631705383510867"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Fri, 17 Sep 2021 14:25:55 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 846C 436 B
236 B 279ms
279ms Document
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1544335238111191&output=html&h=280&slotname=5234841156&adk=904907391&adf=1149283296&pi=t.ma~as.5234841156&w=370&fwrn=4&fwrnh=100&lmt=1612343771&rafmt=3&psa=0&format=370x280&url=https%3A%2F%2Fsafe.paltycox.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631888754915&bpp=1&bdt=660&idt=103&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x90&correlator=6685257183768&frm=20&pv=1&ga_vid=936757785.1631888755&ga_sid=1631888755&ga_hid=821608125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=245&ady=504&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3521798474735509&pem=748&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9VRokB9Ihb&p=https%3A//safe.paltycox.com&dtd=106

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

a9fc950b9277ad799825d668389dea536d32eb7c31a165d9f136d9fe7b93f62a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1544335238111191&output=html&h=280&slotname=5234841156&adk=904907391&adf=1149283296&pi=t.ma~as.5234841156&w=370&fwrn=4&fwrnh=100&lmt=1612343771&rafmt=3&psa=0&format=370x280&url=https%3A%2F%2Fsafe.paltycox.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631888754915&bpp=1&bdt=660&idt=103&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x90&correlator=6685257183768&frm=20&pv=1&ga_vid=936757785.1631888755&ga_sid=1631888755&ga_hid=821608125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=245&ady=504&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3521798474735509&pem=748&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9VRokB9Ihb&p=https%3A//safe.paltycox.com&dtd=106
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://safe.paltycox.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 17 Sep 2021 14:25:55 GMT
server: cafe
content-length: 213
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 17-Sep-2021 14:40:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 17 Sep 2021 14:25:55 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 01BD 436 B
236 B 237ms
236ms Document
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1544335238111191&output=html&h=280&slotname=5234841156&adk=904907391&adf=155624302&pi=t.ma~as.5234841156&w=370&fwrn=4&fwrnh=100&lmt=1612343771&rafmt=3&psa=0&format=370x280&url=https%3A%2F%2Fsafe.paltycox.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631888754916&bpp=1&bdt=661&idt=107&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x90%2C370x280&correlator=6685257183768&frm=20&pv=1&ga_vid=936757785.1631888755&ga_sid=1631888755&ga_hid=821608125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=985&ady=504&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3521798474735509&pem=748&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OZt9OyOtJZ&p=https%3A//safe.paltycox.com&dtd=110

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

3fc6616ad3c02899c68c2a81817326ae30e7339175486f83bb18bc89524b47f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1544335238111191&output=html&h=280&slotname=5234841156&adk=904907391&adf=155624302&pi=t.ma~as.5234841156&w=370&fwrn=4&fwrnh=100&lmt=1612343771&rafmt=3&psa=0&format=370x280&url=https%3A%2F%2Fsafe.paltycox.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631888754916&bpp=1&bdt=661&idt=107&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x90%2C370x280&correlator=6685257183768&frm=20&pv=1&ga_vid=936757785.1631888755&ga_sid=1631888755&ga_hid=821608125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=985&ady=504&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3521798474735509&pem=748&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=OZt9OyOtJZ&p=https%3A//safe.paltycox.com&dtd=110
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://safe.paltycox.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 17 Sep 2021 14:25:55 GMT
server: cafe
content-length: 213
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 17-Sep-2021 14:40:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 17 Sep 2021 14:25:55 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F0C1 11 KB
5 KB 427ms
426ms Document
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1544335238111191&output=html&adk=1812271804&adf=3025194257&lmt=1612343771&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsafe.paltycox.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631888754966&bpp=1&bdt=710&idt=63&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x90%2C370x280%2C370x280&nras=1&correlator=6685257183768&frm=20&pv=1&ga_vid=936757785.1631888755&ga_sid=1631888755&ga_hid=821608125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3521798474735509&pem=748&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=68

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

083477ddbc9e59f15d418ce02ef890483ff6a64c6ae7747fa9252383c89790b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1544335238111191&output=html&adk=1812271804&adf=3025194257&lmt=1612343771&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsafe.paltycox.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631888754966&bpp=1&bdt=710&idt=63&shv=r20210915&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x90%2C370x280%2C370x280&nras=1&correlator=6685257183768&frm=20&pv=1&ga_vid=936757785.1631888755&ga_sid=1631888755&ga_hid=821608125&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3521798474735509&pem=748&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=68
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://safe.paltycox.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 17 Sep 2021 14:25:55 GMT
server: cafe
content-length: 4717
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 17-Sep-2021 14:40:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 17 Sep 2021 14:25:55 GMT
cache-control: private

GET
H2 200 ca-pub-1544335238111191 Show response
fundingchoicesmessages.google.com/i/ 95 KB
35 KB 68ms
46ms Script
application/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-1544335238111191?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

95875246cff63c2bf1f6b8383cbd255405927d8b659d146941dcd2aa14c062ee

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qqFS0q0HRDsn55qrzln6/A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-qqFS0q0HRDsn55qrzln6/A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-qqFS0q0HRDsn55qrzln6/A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-qqFS0q0HRDsn55qrzln6/A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Fri, 17 Sep 2021 14:25:55 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXspY52NDq-y3cPz1lkjeB3oD0UxY7uXoUv2f6xtRuDYOxewP6nSerLVk0Bu9dDcFB04sDE9Z4yG28PNdzx9qo= Show response
fundingchoicesmessages.google.com/el/ 0
26 B 38ms
23ms XHR
text/html 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXspY52NDq-y3cPz1lkjeB3oD0UxY7uXoUv2f6xtRuDYOxewP6nSerLVk0Bu9dDcFB04sDE9Z4yG28PNdzx9qo=?pvid=86D1BEEC-DFB5-41D9-9313-6D30A32DF154&anonid=8ED34CA5-3CB4-4B9F-AC66-BD0154B9B50C

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.Vr0GJto-QlA.es5.O/d=1/rs=AJlcJMzOPxfzHIgewzDY7i-1u_-g0KMYRQ/m=loader_js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LV+EP5TLDGw8PkifudC1hg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-LV+EP5TLDGw8PkifudC1hg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://safe.paltycox.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Sep 2021 14:25:55 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://safe.paltycox.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-LV+EP5TLDGw8PkifudC1hg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-LV+EP5TLDGw8PkifudC1hg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVg-nCugoORuVK3ziqfTpU6pUVC2bezHtye_cGuMTY-CvLuZUOwABhheUcVr48Ysm459wglzD7M1Z7Uab9Zk24= Show response
fundingchoicesmessages.google.com/f/ 68 KB
25 KB 80ms
46ms Script
application/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVg-nCugoORuVK3ziqfTpU6pUVC2bezHtye_cGuMTY-CvLuZUOwABhheUcVr48Ysm459wglzD7M1Z7Uab9Zk24=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjMxODg4NzU1LDYzMzAwMDAwMF0sIjg2RDFCRUVDLURGQjUtNDFEOS05MzEzLTZEMzBBMzJERjE1NCIsIjhFRDM0Q0E1LTNDQjQtNEI5Ri1BQzY2LUJEMDE1NEI5QjUwQyIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3NhZmUucGFsdHljb3guY29tLyJd

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.Vr0GJto-QlA.es5.O/d=1/rs=AJlcJMzOPxfzHIgewzDY7i-1u_-g0KMYRQ/m=loader_js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

138c902d2a7b039dbd257d047cf4b099d2c04cee35733ef860108feeb1721c0a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2MvwVxBnQCbNhdbwtuA4AQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-2MvwVxBnQCbNhdbwtuA4AQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 14:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-2MvwVxBnQCbNhdbwtuA4AQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-2MvwVxBnQCbNhdbwtuA4AQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUsmbUgotKlG6u0eXvIci6NIqhwO75_KvoaJcgkqmkuyeefDs4B8SMW_ydZgXgbAxQYm-D4f7qNN6iYe6_0Y8X81Soj_Ge49nErQS-Vcxwy37R7SoBG2Nk2POVQwcdJsW8SsH8qhnpnU9-FFvX6sZBFRYWaRY-_jFnB05kKtQkwa0mGDKjrhw-iZ0KT Show response
fundingchoicesmessages.google.com/el/ 0
26 B 21ms
20ms XHR
text/html 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUsmbUgotKlG6u0eXvIci6NIqhwO75_KvoaJcgkqmkuyeefDs4B8SMW_ydZgXgbAxQYm-D4f7qNN6iYe6_0Y8X81Soj_Ge49nErQS-Vcxwy37R7SoBG2Nk2POVQwcdJsW8SsH8qhnpnU9-FFvX6sZBFRYWaRY-_jFnB05kKtQkwa0mGDKjrhw-iZ0KT

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.de.lQ43lO71nL8.es5.O/d=1/rs=AJlcJMwlkRiDfSZoUTR_2qr5dNoWCLYVog/m=iabccpawebsignalscript

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XUljK3fOJ243OIx0Nt29zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-XUljK3fOJ243OIx0Nt29zw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://safe.paltycox.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Sep 2021 14:25:55 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://safe.paltycox.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-XUljK3fOJ243OIx0Nt29zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-XUljK3fOJ243OIx0Nt29zw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1yjhA4Rww0LlSMeG5rieQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-1yjhA4Rww0LlSMeG5rieQA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://safe.paltycox.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Sep 2021 14:25:55 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://safe.paltycox.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-1yjhA4Rww0LlSMeG5rieQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-1yjhA4Rww0LlSMeG5rieQA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxW9PKFRHYzGkAuapOPKBWiiTtpQbSCnWIDKtyyH95tEfV98OkksRcEio_DY2ZghnKnlbnrv642nQFswCnDYSLvXNmnXshgmR26dwHJXgRl4UlANaOPs4P1NTLwZSelN5GAcggEPSu5RsGcu647kQV1iZkiHWy-sJpBVGSXx8p3moApRgNt0zTWWCbGM Show response
fundingchoicesmessages.google.com/f/ 87 KB
32 KB 45ms
45ms Script
application/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW9PKFRHYzGkAuapOPKBWiiTtpQbSCnWIDKtyyH95tEfV98OkksRcEio_DY2ZghnKnlbnrv642nQFswCnDYSLvXNmnXshgmR26dwHJXgRl4UlANaOPs4P1NTLwZSelN5GAcggEPSu5RsGcu647kQV1iZkiHWy-sJpBVGSXx8p3moApRgNt0zTWWCbGM?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjMxODg4NzU1LDc0NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly9zYWZlLnBhbHR5Y294LmNvbS8iXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

84d9c635dee5aa6e13ceede425a29ebf8458f404eedc51ef4d415ef759fe2108

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Am7cqId4xP0utiW/YNM9Rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Am7cqId4xP0utiW/YNM9Rw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 14:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-Am7cqId4xP0utiW/YNM9Rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Am7cqId4xP0utiW/YNM9Rw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 39ms
20ms XHR
application/json 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210915&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

940f9389c0c153597eaddd33ef2da245a12d093bb90637b75a650f8b995e0716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Sep 2021 14:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8444
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 41ms
18ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 14:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 17 Sep 2021 14:25:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 677F 12 KB
5 KB 42ms
17ms Document
text/html 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://safe.paltycox.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 17 Sep 2021 14:05:21 GMT
expires: Sat, 17 Sep 2022 14:05:21 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1234
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0D7D 783 B
1 KB 42ms
19ms Document
text/html 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

GSE /

Resource Hash

a8dbac28680272dfb6cab4277080c5a134ebb25ea65a7d3ced486165b17a9d66

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-c0A4263+Pv0DBYWbuoaqbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://safe.paltycox.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 17 Sep 2021 14:25:55 GMT
date: Fri, 17 Sep 2021 14:25:55 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-c0A4263+Pv0DBYWbuoaqbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0D7D 0
0 40ms
40ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210915&jk=3521798474735509&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3 200 YqSUqZI0IRdbUAy163IJKnGw-hEMSU1MpsI8iakDbOc.js Show response
pagead2.googlesyndication.com/bg/ Frame 677F 35 KB
13 KB 7ms
6ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YqSUqZI0IRdbUAy163IJKnGw-hEMSU1MpsI8iakDbOc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

62a494a9923421175b500cb5eb72092a71b0fa110c494d4ca6c23c89a9036ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:38:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13243
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 17 Sep 2022 08:38:56 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 17ms
17ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210915&jk=3521798474735509&bg=!KimlKW3NAAaUnz4elJ87ACkAdvg8WoCY5Y9c5ty_r65Z2iy2Dk-vhyCupg-CSOi9tgsqzA1KEU31FgIAAAB7UgAAAApoAQcKAFyaoHl7fBOyeYfcrmwaCoOOeaqNAXnN5-GqXbsYjilaUiLiGgDwLOKEYmT5SGggjytenHWeOrjRO0FyQwNuve4GTw6FpkIAMq534gVpEit0TYdAFMs5otLVomWBDJkCedIKzI-j3tFjcz1XWcFKBr1zYLYzHU8VmDFfrr2AxgPjCM-Wbbn24Rl1Rw0K6Bo6OJ6r8wLEUMCGUT6kFcjszWMfQXbgPMnQQDDiGi26VYjwZtbOzgoTaae0QkznZvHSI-HPDMN3sv_bjnV6uJcppddRjTeN4Ee1e48qWT819vG8xF3zedeMBjNZWXINdIrYzcwk0F69UrSyUn9JcISxqUwK51dFCXMrGMAADGQ8uHsrEf4jVXhb3ayoLt0i3QMyIrZz_OcCtE3a7AgeP97XKFW7nx9hgZOQfKGlvfvn-b2s-PXDvG53bGuAyftMd6S45gZ_3f4xtoQ9qrcKaoi9Z8Y1CrpT-taVNilJZTJ99jdzEPcnC7D8YPzIwh8W2Ek72nlowTt4crmNaJATTebQ8iyimnErMahP_2C6bjKOB2Rj26oh--GRGv1utDO8RkpSLKp7YzF74Cx1vRtqMT0y9j8CQ3TruHlvb61Xf6P44UVvTYfHwWzqbcpomrHk-AXHaRpA6GHE2JqEeQWAEEIY2QRkx25YKgWpHXCtC-CtIDL15m-bC1lHcMdLXE-rwfkml-TZMRM3lxd4zRGDOlXU51NMjj8comOKOhdv7qTvq89-gqqULVfvyg2jcaGy_AX6YhxAHnQdjBuIb6tmR_nN60CC5PBcIxcFZ12Wi4gBsHwMuzOrEuVsNdFBP5DoqICfmSUO2QbT_MiATKWwbMle9gH-PuvWf-1RapS7UcTjVbCtNJGk5ToxC78Tf-FWm0ILCumkBZfEPStp3MSvXcsrXXCUdjvY6oWcX9WNvPv7BOHuV5hwPQCfImEidT27qZtQzg9OZfAz1UFonw

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 14:25:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adv-banner. Show response
fundingchoicesmessages.google.com/f/AGSKWxWST4Dirt54oY2XlhvspZemXQ5WLY1JkpVI5EZqxxCFCe7ehYV2Km0hqQMBi0aZQyDeegKQgUlkJRPvAHgox8KjZ3z5_Vi348PpQOAu0odU2ZQS3Kdr-NZprjboVg7x2l_nSy3e9kR_IIIPlfzM_KN6y4b9x... 54 B
105 B 31ms
30ms Script
application/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWST4Dirt54oY2XlhvspZemXQ5WLY1JkpVI5EZqxxCFCe7ehYV2Km0hqQMBi0aZQyDeegKQgUlkJRPvAHgox8KjZ3z5_Vi348PpQOAu0odU2ZQS3Kdr-NZprjboVg7x2l_nSy3e9kR_IIIPlfzM_KN6y4b9xU4QXpn256bvmknKdH2lXbir2EaMhSAoQDV6FcbguJcy9JzDm3ZmfIdhvIVLqKRQQcJ7WIFnsOynofdblTQ=/_/download/ads/ads-config./ad-emea./ads/real_/adv-banner.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.lagjxEkmZ6Y.es5.O/d=1/rs=AJlcJMyghqRNUFJHlNkHqGlJtlt2OJe0Dg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

03ae3fe4a51e5828b70a0a7452dbefceca98f7dcd9621d01545b439dd1e50633

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Pgjo81esM0FX4qGLmPvsDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Pgjo81esM0FX4qGLmPvsDA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 14:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-Pgjo81esM0FX4qGLmPvsDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Pgjo81esM0FX4qGLmPvsDA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 14 KB
6 KB 7ms
7ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.lagjxEkmZ6Y.es5.O/d=1/rs=AJlcJMyghqRNUFJHlNkHqGlJtlt2OJe0Dg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

b72c2fa4ec43c5e5bfe4690c354ac6ab02ce346602cb558384cb9929a957cf2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 13:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2557
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6128
x-xss-protection: 0
server: cafe
etag: 16709844125564118196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 14:43:19 GMT

POST
H3 204 AGSKWxWK1bjkoWe0o_FDB4jZoV2CMtnSXxej7Nmac_9q8qaXIbnWmjXdKUVkENHCW3M_eFm86k6mGzyh8FtbJfwbZdfvKUAOM9-UhxIaHRhR-Ig2zmlmotXvquavV4MQm0ZMB-jQiuMM3BHhcVIJPvq1AmsIjXI_Crvmn3TEJBeo3a2DLWgWT-U04uIL1S2O Show response
fundingchoicesmessages.google.com/el/ 0
27 B 22ms
21ms XHR
text/html 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWK1bjkoWe0o_FDB4jZoV2CMtnSXxej7Nmac_9q8qaXIbnWmjXdKUVkENHCW3M_eFm86k6mGzyh8FtbJfwbZdfvKUAOM9-UhxIaHRhR-Ig2zmlmotXvquavV4MQm0ZMB-jQiuMM3BHhcVIJPvq1AmsIjXI_Crvmn3TEJBeo3a2DLWgWT-U04uIL1S2O

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.lagjxEkmZ6Y.es5.O/d=1/rs=AJlcJMyghqRNUFJHlNkHqGlJtlt2OJe0Dg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HIUCMSe6l8VQedBfb5rPcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-HIUCMSe6l8VQedBfb5rPcQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://safe.paltycox.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Sep 2021 14:25:56 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://safe.paltycox.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-HIUCMSe6l8VQedBfb5rPcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-HIUCMSe6l8VQedBfb5rPcQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.lagjxEkmZ6Y.es5.O/d=1/rs=AJlcJMyghqRNUFJHlNkHqGlJtlt2OJe0Dg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PZfOtpsuPUQntWl6bwK23w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-PZfOtpsuPUQntWl6bwK23w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://safe.paltycox.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Sep 2021 14:25:56 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://safe.paltycox.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-PZfOtpsuPUQntWl6bwK23w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-PZfOtpsuPUQntWl6bwK23w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.lagjxEkmZ6Y.es5.O/d=1/rs=AJlcJMyghqRNUFJHlNkHqGlJtlt2OJe0Dg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-drGX9Ynu7TWmqLmN3z9EWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-drGX9Ynu7TWmqLmN3z9EWA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://safe.paltycox.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Sep 2021 14:25:56 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://safe.paltycox.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-drGX9Ynu7TWmqLmN3z9EWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-drGX9Ynu7TWmqLmN3z9EWA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXrAGnOhfjTKUxnksQbGdHFBbYxlwzSvY6hBeOJ3kcLvs8Bq1l4m4PyngGzveIfm_nAOzFhxyfTyjS_kHYUnZnLG4n0vC1ZQt8Mfj6lZ5OWlImVFsK7WEgzj0TSN7i26UvBaGKRCq7ZjBbfw3KS5chzOphRZqkJ-9xa_ThexHmpJAKDtKrCQ-1WEBR1 Show response
fundingchoicesmessages.google.com/f/ 70 KB
25 KB 57ms
57ms Script
application/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXrAGnOhfjTKUxnksQbGdHFBbYxlwzSvY6hBeOJ3kcLvs8Bq1l4m4PyngGzveIfm_nAOzFhxyfTyjS_kHYUnZnLG4n0vC1ZQt8Mfj6lZ5OWlImVFsK7WEgzj0TSN7i26UvBaGKRCq7ZjBbfw3KS5chzOphRZqkJ-9xa_ThexHmpJAKDtKrCQ-1WEBR1?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjMxODg4NzU2LDQ4NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsMTAsNl1dLCJodHRwczovL3NhZmUucGFsdHljb3guY29tLyJd

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.lagjxEkmZ6Y.es5.O/d=1/rs=AJlcJMyghqRNUFJHlNkHqGlJtlt2OJe0Dg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

9b8359a8a32de19f0fb456ce9316d65389321bf43f5c1f9b608fdba5ef26355c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GFRf7RAs9LhrOo5wI6dv+Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-GFRf7RAs9LhrOo5wI6dv+Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://safe.paltycox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 14:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-GFRf7RAs9LhrOo5wI6dv+Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-GFRf7RAs9LhrOo5wI6dv+Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.lagjxEkmZ6Y.es5.O/d=1/rs=AJlcJMyghqRNUFJHlNkHqGlJtlt2OJe0Dg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8LdepCFgMJOOGQCZ3cbK8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-8LdepCFgMJOOGQCZ3cbK8w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://safe.paltycox.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Sep 2021 14:25:56 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://safe.paltycox.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-8LdepCFgMJOOGQCZ3cbK8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-8LdepCFgMJOOGQCZ3cbK8w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU1gI0T-i6ZbmRkd4AzFvBzbG9o434WVNzYBq0MxgKks6UgLzh6M1GV0c3seQnippaoOWoaRppgsDPfwUkrFvhCBkl4yKbUnmWLBmy0yBYv_Zn1bOFbjq_2OM4hOubYUoaml3f18KQMDOkfqSJR-juUP8QzZLfr1AcZBfwhYheBZ8DlhIt_m1cMT8j2 Show response
fundingchoicesmessages.google.com/el/ 0
27 B 21ms
20ms XHR
text/html 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU1gI0T-i6ZbmRkd4AzFvBzbG9o434WVNzYBq0MxgKks6UgLzh6M1GV0c3seQnippaoOWoaRppgsDPfwUkrFvhCBkl4yKbUnmWLBmy0yBYv_Zn1bOFbjq_2OM4hOubYUoaml3f18KQMDOkfqSJR-juUP8QzZLfr1AcZBfwhYheBZ8DlhIt_m1cMT8j2

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.x6doQoiis0o.es5.O/d=1/rs=AJlcJMxN6ZM4cAKtedFoGpKl2kbrw8Bk-Q/m=cookie_refresh

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5RV40mCnOmQGyQxpozAHRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-5RV40mCnOmQGyQxpozAHRw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://safe.paltycox.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Sep 2021 14:25:56 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://safe.paltycox.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-5RV40mCnOmQGyQxpozAHRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-5RV40mCnOmQGyQxpozAHRw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1H9d+5Eu3DhNegWpZ0tMuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-1H9d+5Eu3DhNegWpZ0tMuQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://safe.paltycox.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Sep 2021 14:25:56 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://safe.paltycox.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-1H9d+5Eu3DhNegWpZ0tMuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-1H9d+5Eu3DhNegWpZ0tMuQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paltycox.com/	1970-01-20 06:39:44	Name: __gads Value: ID=9868493b025a0c15-22a4b4de2dc900ee:T=1631888755:RT=1631888755:S=ALNI_MZVyxnyB-rGFrGxUCDgi74F3iXIKw
.doubleclick.net/	1970-01-19 21:18:09	Name: test_cookie Value: CheckForPermission
.paltycox.com/	1970-01-20 06:39:44	Name: FCCDCF Value: [["AKsRol93sUvY9_ZIgqH-z_RXYPG7gcAqxEjZQfz4clZM7coBYzhLUoK__bcVOAuEMywK0hBHcUp2Yk2t_mC-dCORpZXo2F1bzbVgbynJ52E-woswE73xCpeH8h3cTFp2cH_0s1Osw3zP_uRtogEaNdcL91HIsy6UgA=="],null,["[[],[],[],[],null,null,true]",1631888755603],null,null]
.paltycox.com/	1970-01-20 06:03:44	Name: FCNEC Value: [["AKsRol93sUvY9_ZIgqH-z_RXYPG7gcAqxEjZQfz4clZM7coBYzhLUoK__bcVOAuEMywK0hBHcUp2Yk2t_mC-dCORpZXo2F1bzbVgbynJ52E-woswE73xCpeH8h3cTFp2cH_0s1Osw3zP_uRtogEaNdcL91HIsy6UgA=="]]

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://safe.paltycox.com/(Line 745) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.blogger.com/static/v1/widgets/2759014865-widgets.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://safe.paltycox.com/(Line 745) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.blogger.com/static/v1/widgets/2759014865-widgets.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
3.bp.blogspot.com
adservice.google.com
ajax.googleapis.com
cdn.rawgit.com
cdn.statically.io
cdnjs.cloudflare.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
safe.paltycox.com
tpc.googlesyndication.com
www.blogger.com
www.google.com
www.googletagservices.com
104.16.18.94
104.18.10.207
142.250.185.194
142.250.185.196
142.250.186.105
142.250.186.142
142.250.186.34
142.250.186.66
142.250.74.193
142.250.74.202
151.101.130.137
172.217.23.115
172.217.23.98
216.58.212.161
89.187.169.47
03ae3fe4a51e5828b70a0a7452dbefceca98f7dcd9621d01545b439dd1e50633
083477ddbc9e59f15d418ce02ef890483ff6a64c6ae7747fa9252383c89790b8
11a669b2627f4897481fe7f1d6312c4237694b80b6eccb2285bc7a73d0928969
138c902d2a7b039dbd257d047cf4b099d2c04cee35733ef860108feeb1721c0a
15678939c2a0938b90f8c3065d4828eccbebfedbdabc4439299f3cbad4e7dff8
1bebd99191d5e72a548bf922bd47bd66428a87200e44e936c06f7bf90472fe71
3fc6616ad3c02899c68c2a81817326ae30e7339175486f83bb18bc89524b47f9
4e04f35af9c58b12b3f9af4211dd5711e047219dde1e8477395c25934c3f652b
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
587d46dd419e2f30f404e3f2dd3285403be0f759d2d5667f67419a27386cc5e1
62a494a9923421175b500cb5eb72092a71b0fa110c494d4ca6c23c89a9036ce7
6a1c9ad002b50a50cb8c1cd81f2d0287078afe9f7a53cde21772a55d9d53d7dc
796bac07d52e4edf47bc6dd088d9ea797fef5bd66229050583bcca7dead8418a
803219bda73d4ffc74c435f66188c735cd4fe4ebf4dc27ec34b552c579b7d022
84d9c635dee5aa6e13ceede425a29ebf8458f404eedc51ef4d415ef759fe2108
8eb95366ae46b2200fbfba946cec279cc66f4b19ad6e8d605a47e15ca653269f
8fe5ebbe44388c9f7d1e3d2924a3ebea4d110a0c430d24ecdcf06a2eb5f610c7
940f9389c0c153597eaddd33ef2da245a12d093bb90637b75a650f8b995e0716
95875246cff63c2bf1f6b8383cbd255405927d8b659d146941dcd2aa14c062ee
9887e1bff87730bab759289295dbae64edec691373cee7f52caf30df3de5dc96
998aa3941b936267a81054e3b8f0abc27b36b2d029d87389c974795f6c633fbd
9b8359a8a32de19f0fb456ce9316d65389321bf43f5c1f9b608fdba5ef26355c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a8dbac28680272dfb6cab4277080c5a134ebb25ea65a7d3ced486165b17a9d66
a97000b74006f16532e2d380cbed2e3dabd80ea9b85625fcb123d96cb9a0369a
a9fc950b9277ad799825d668389dea536d32eb7c31a165d9f136d9fe7b93f62a
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d
b72c2fa4ec43c5e5bfe4690c354ac6ab02ce346602cb558384cb9929a957cf2f
bb82f2535a1048420aa245fe8c0cf9eecbdabff709f8936fb16bd3f90df5fae4
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c6306a4d20d09dfed75630c861155e1b9c251699dc3bb1509fa10453f5dce901
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d515801518c7e11900fc23bf31d9bf3a791ed6c3a71dc72f6d7cab150a74e75b
e02f265a1e48c90891bf069c8ce4646c08c8ac6ce28da5340719c3f667b51c30
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efdbabe0c97aba4f054748be0f9fdd8301d866814903e5ed4e23ff2617518ee0

safe.paltycox.com Open in urlscan Pro 172.217.23.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

0 %IPv6

13 Domains

17 Subdomains

15 IPs

3 Countries

755 kBTransfer

1558 kBSize

4 Cookies

1 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

safe.paltycox.com Open in urlscan Pro
172.217.23.115 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

17
Subdomains

15
IPs

3
Countries

755 kB
Transfer

1558 kB
Size

4
Cookies

48 HTTP transactions
0 data transactions